The Ministry of Information, Communication and Technology has reassured the public that the government computer systems and networks are secure following the recent WannaCry Ransomware attack that hit the world on Friday, May 14.
Cabinet Secretary Joe Mucheru said on Tuesday, that the government was keenly following developments on the encryption malware which effectively disabled over 200,000 computers running the Windows operating system in over 150 countries.
“We have heightened our cyber monitoring and surveillance mechanisms to prevent and eliminate any remote possibility of attack”, explained Mucheru.
He was speaking at the Cyber-Security & Banking Forum organized by Citibank and the ICT Authority, where he challenged the financial services sector to improve information sharing and reporting on Cyber-security breaches.
“Breach notification eliminates the clandestine attempts by hackers to attack systems and enables synergized efforts towards the prevention of the criminal activity as well as their prosecution”, he said.
The ICT CS added that this would also aid in quantifying the exposure and resilience of organizations both in public and private sector to cyber security incidents.
Michael Mutiga, Managing Director, Corporate and Investment Banking at Citibank said that the creation of a shared industry reporting structure was the next phase in the evolution of Cyber-security awareness in Kenya.
“Breach notification is an important factor in the entire process of cyber-risk management. We have seen other markets develop mechanisms to share this data, within set parameters for the benefit or the industry and overall economy”, he said.
At the event Mucheru pointed out that although the financial services sector relied heavily on various financial technology to link to each other and the larger economy, it was yet come up to par in terms of Cyber-risk preparedness.
“With more than 75.3% of Kenyan citizens included in the formal financial services in the country, one would logically expect a corresponding increase in cyber security investments in the industry, statistics indicate this is not the case currently”, explained Mucheru.
“Collaboration is taking place on an international level- attacking a global threat through combining the capabilities of companies and banks across the world. The information Sharing and Analysis Centers (ISACs) for instance, share information not only internationally, but also across sectors, said Edward Kiptoo, Citi’s Lead Information Security Officer for Middle East and Africa.
The Kenya Cyber Security Report 2016 by Serianu indicated that about 44% of financial institutions run on a cyber-security budget of a paltry USD1 to USD1,000 annually, whilst another 33% of financial institutions in Kenya have zero spending on all matters cyber security. The report further noted that a whopping USD175 million has been pilfered from Kenya’s economy by savvy cybercriminals.
“We must ensure that our aspirations for innovation in the various sectors of the economy are matched with prudent security risk management especially in the Fintech services area” concluded Mucheru.
Estimates show that cybercrime could cost the global economy up to USD575 billion in 2017.
