Cybersecurity

56% of central banks lack national cybersecurity strategy — IMF


The International Monetary Fund (IMF) has revealed that 56 percent of central banks or supervisory authorities do not have a national cyber strategy for their financial sectors.

The Washington-based institution said this after surveying 51 countries and putting its findings in a report titled, ‘Mounting cyber threats mean financial firms urgently need better safeguards.’

Read also: ‘Financial inclusion threatened by cybersecurity levy’

It said 42 percent of these financial institutions lack dedicated cybersecurity or technology risk-management regulations, and 68 percent do not have a specialised risk unit within their supervision department.

“64 percent do not mandate testing and exercising cyber security measures or providing further guidance. 54 percent lack a dedicated cyber incident reporting regime, and 48 percent do not have cybercrime regulations,” it explained.

The IMF highlighted that cyber attackers persistently target the financial sector. The institution stated, “Due to the tight financial and technological interconnections within the sector, attacks can rapidly spread throughout the system, potentially leading to widespread disruption and loss of confidence. Cybersecurity is, therefore, a significant threat to financial stability.”

In its April 2024 Global Financial Stability Report, the IMF revealed that $12 billion has been lost to cyberattacks in the last twenty years.

The Nigeria Inter-Bank Settlement System recently disclosed that financial institutions lost about N17.67 billion to fraud in 2023.

Read also: Cybersecurity levy in Nigeria: Can a nation tax itself to prosperity?

According to the NIBSS, while the fraud count decreased by six percent to 95,620, the actual loss from fraud increased by 23 percent in 2023 compared to 2022.

In its recommendations to central banks, the IMF added, “The fund’s recommendations include the development of robust national cyber strategies, the implementation of dedicated cybersecurity regulations, and the establishment of specialised risk units within supervisory authorities.”



Source

Related Articles

Back to top button