Vietnam considers telecoms in Nigeria

Vietnam to invest in telecoms in Nigeria

Plans to use Viettel as vehicle for presence.

Thursday, Nov 23rd

Central Bank of Kenya issues cyber security ultimatum

Central Bank of Kenya issues cyber security ultimatum

Financial institutions in Kenya have until the end of this month to comply with cyber security directives issued by the Central Bank of Kenya (CBK).

The directive states, "The board of directors and senior management of an institution are expected to formulate and implement Cybersecurity strategies, policy, procedures, guidelines and set minimum standards for an institution. All these must be documented and made available for review by external auditors and CBK."

Policies will be reviewed annually to ensure consistency in compliance, it adds.

The CBK also suggests the appointment of Chief Information Security Officers.

"One of the strategic measures globally accepted and acknowledged by CBK has been the introduction of the role of the Chief Information Security Officer (CISO). This role is aimed at creating an organisational culture of shared cybersecurity ownership," the directive continues

Institutions are now required to report any breach of security to the CBK within 24 hours. "The institutions should notify the Central Bank of Kenya within 24 hours of any Cybersecurity incident(s) that could have a significant and adverse impact on the institution's ability to provide adequate services to its customers, its reputation or financial condition in the format set out to this guideline," CBK stated.

Third party cloud and ICT service providers are also required to comply with the directives.

Dr Bright G. Mawudor, Head of Cyber Security at Internet Solutions commented, "While compliance and certification are good to have, they are not a solution to cyber threats. For Kenyan businesses to achieve cyber security resilience, they will be required to carry out continuous security assessment and gap analysis to test the validity of their plans."

He said mobile money transfer and banking are tightly integrated into the Kenyan market, but offer a loophole for cyber criminals.

"This calls for a robust and strategic approach to adequately tackle enterprise security, which is currently not clearly defined across various industries and organisations," he added.

Financial institutions must submit their cyber security policy, strategies and frameworks to CBK by 30 November.

ALSO ON ITWEB AFRICA

South Africa, prepare for more cyber attacks Published on 14 November 2017

Fortinet's message to the market is that the responsibility to govern security and its portfolio across the company is no longer confined to only a section of the board.

Central Bank of Kenya issues cyber security ultimatum Published on 14 November 2017

Local financial institutions have until 30 November to submit relevant strategies, policies and framework.

Riverbed and Zscaler first to deliver unified cloud networking and security solution Published on 21 November 2017

Riverbed Technology today announced a joint solution with Zscaler, a leader in cloud security, to enable organisations to securely transform to the cloud.

Egypt's ICT Ministry looks for new international partners Published on 31 October 2017

North African country's new ambassadors to Russia and Serbia urged to prioritise mutual cooperation in ICT.