Banks urged to build robust anti-cyber-attack systems
The First Deputy Governor of the Bank of Ghana (BoG), Dr Maxwell Opoku-Afari, has reiterated calls on financial institutions, particularly banks, to build anti-cyber-attack systems, and design appropriate mechanisms to counter possible cyber threats.
He noted that the Covid-19 pandemic, and issues attendant issues have led to working remotely, transferring resources across financial platforms, purchasing goods and services online, were gradually changing the face of the economy.
This situation has accelerated the adoption of digitalisation in the country, as such the threats of cyber-attack was progressing at top speed.
Accordingly, he said, there was the need for financial institutions in the country to position themselves in readiness for the threats that would come along with the changing lifestyles and doing business.
Dr Opoku-Afari, underscored that addressing cybersecurity risks has become more important than ever and policymakers need to internalise this fact in their discourse.
He emphasised that, “our inability to put in place policies to protect the infrastructure of banks from attacks could result in the destruction of the very foundation of growth, and this has national security implications.”
He made these remarks at the official launch of the national Cyber Security Awareness Month (NCSAM) 2021 last Friday in Accra.
Likewise, he indicated that in addition to the BoG’s cybersecurity regulations, financial institutions would require to implement an integrated approach by adopting enterprise-wide frameworks of cyber risk management in line with business objectives.
“It is important for institutions to undertake cyber security-related due diligence and assessments, identify proper detective controls, and enforce third party and insider risk programmes to protect and safeguard their working environments from cyber related activities that are not conducive for growth,” he stated.
On the part of the Central Bank, Dr Opoku-Afari, said, the Bank, as far back as October 2018 took actionable steps to issue the Cyber and Information Security Directive in a bid to enhance and protect the security of the banking sector.
“The Directive, at the time, was aimed at creating a secure environment within the cyberspace for the financial services industry and thus serves to generate adequate trust and confidence in Information Communication and Technology (ICT) systems.
Following the issuance of the Directive, the Bank of Ghana has introduced many initiatives to strengthen and secure the information security architecture of the banks, to ensure the systems at the banks are robust and resilient,” he stated.
He touched on the Cybersecurity Act, 2020 (Act 1038), and noted that the Act would further promote and improve collaborative efforts between the Cybersecurity Authority and the Bank of Ghana in dealing with cyber-attacks in the financial space.
“The Central Bank will work closely with the Cybersecurity Authority to monitor trends of cybersecurity issues in the financial sector and ensure collaborative response to cybersecurity incidents,” he added.
The Bank of Ghana would also play an active role in the implementation of the Cybersecurity Act, 2020 through our representation on the Joint Cybersecurity Committee (JCC) pursuant to Section 13 of Act 1038.
“We will endeavour to provide all support available to ensure smooth formulation of policies in this area,” Dr Opoku-Afari, pledged.
He added that the Bank of Ghana has prepared a banking sector Cyber and Information Security guidelines to protect consumers and create a safer environment for online and e-payments products.
The Deputy BoG governor explained that today’s world was completely different from a decade ago as changes in information and communication technology increase exponentially.
“As a result, it is important for institutions to undertake cyber security-related due diligence and assessments, identify proper detective controls, and enforce third party and insider risk programmes to protect and safeguard their working environments from cyber related activities that are not conducive for growth,” he urged.