Drawbridge

CYBER SECURITY IN THE FINANCIAL SERVICES SECTOR WORKSHOP

I am honoured to welcome you all to this important workshop on “ Cyber Security in the Financial Services Sector”, which is being jointly conducted by the Macroeconomic and Financial Management Institute of Eastern and Southern Africa (MEFMI) and the Bank of Zambia. This workshop aims to discuss financial sector vulnerabilities arising from cyber threats and risks and to develop the necessary skills and tools to make the sector resilient.

Let me take this opportunity to extend a special welcome to our facilitator Dr. Rukanda. I am sure the delegates will greatly benefit from your experience and vast
knowledge on the subject.

Ladies and gentlemen, as you are all aware, Information and Communication Technology (ICT) have over the years permeated all aspects of our lives and in particular, have become the mainstay of the world’s financial sector infrastructure. While these ever emerging technologies such as Digital transformation, Artificial
Intelligence, Internet of Things, Cloud Computing, Enterprise Mobility and Mobile Banking, have brought about efficiency and increased innovations, they have also
exposed the financial services sector to cybercrime. Some notable incidents of cybercrime include, the attack on the Central Bank of Bangladesh, Russian retail
bank and seven banks in the United Kingdom.

The financial services sector is a key target by criminals because it is the custodian of large amount of funds in the economy. For this same reason, the financial services sector has to also deal with other types of risks, which among others include, fraud, extortion, money laundering, illicit financial flows, market manipulation, data theft, and currency attacks. With statistics showing an increase of cyber-attacks in the financial sector, the importance of ensuring that our institutions are cyber resilient cannot be over-emphasized.

Ladies and gentlemen, the financial services sector has to see cybersecurity for what it is, a large scale operational risk deserving the utmost attention and thus develop the necessary systems and cultures throughout the sector to deal with this risk. Key to the development and operation of these systems and cultures is the need to nurture talent capable of addressing cyber security threats through prompt detection, investigation, reporting, prosecution and prevention.

Distinguished participants, let me also emphasize that cyber risks should be viewed from an enterprise-wide perspective. ICT, Security, Operations, Credit Control, Anti-Money Laundering and Fraud Investigation departments need to break down the various silos to facilitate faster detection and prevention of cyber financial
crimes. No single department or function can be an island in this battle. In the same vein, no bank or financial institution can be an island. One financial institution
brought down by a cyber-attack would impact other banks and could ultimately destabilize the entire financial sector. It is for this reason that I call upon all CEOs here present to ensure that Cyber Security is entrenched in our day-to-day operations and strategic plans.

Ladies and gentlemen, I am aware that other countries have set up Computer Incident Response Teams (CIRTs) for various industries, including the Financial
Sector. It is high time that we seriously begin to consider setting up a financial sector CIRT in Zambia. I believe that the CIRT would, not only assist in ensuring that all financial institutions are collaborating and working as one in mitigating cyber risks, but also enable information sharing. I am therefore calling upon Bankers Association of Zambia to work with Bank of Zambia to ensure that this is achieved.

Ladies and gentlemen, I wish you the best and I encourage you to participate actively during the presentations and discussions. Use every opportunity to tap into
the vast experience of the resource persons and your peers during these few days. With these remarks, I declare this workshop officially open.

Thank you and God bless you all.