- others to come on board as 2022 targetted for full operationalisation
The Security Information and Events Management (SIEM) system and Security Operation Centre (SOC) of the Agricultural Development Bank (ADB) have been earmarked for the trial phase of the Bank of Ghana’s (BoG) impending Financial Industry Command Security Operation Centre (FICSOC), which will boost monitoring of cyber vulnerabilities.
This was disclosed by Dr. Ernest Addison, Governor of the central bank, at the close of the 102nd Monetary Policy Committee (MPC) meeting in Accra, where he expressed the readiness of his outfit and indicated that all 23 banks in the country will be onboarded to the platform – with a tentative timeline of one year set in this regard.
“We have the SOC of the central bank which monitors our cyber resilience, and currently we are in the midst of setting up the FICSOC,” he explained. “I believe the bank is ready and ADB is getting connected to the FICSOC and in a year from now; we should have all 23 banks on the platform. This will allow us to monitor the entire risk associated with the entire banking sector.”
SIEM technology provides real-time analysis of the security alerts which network hardware and applications generate. It includes systems for monitoring, consolidating and analysing cyber and information security incidents documented in security system logs.
The sector regulator in 2018 issued the Cyber & Information Security Directive (CISD), which had as its express purpose the creation of “a secure environment within cyberspace for the financial services industry, and generating adequate trust and confidence in ICT systems as well as transactions in cyberspace”.
This required, among other things, that regulated institutions connect their SIEM system to the BoG’s SIEM system by sending alerts, aggregate information and reports. The move forms part of measures by the watchdog to protect regulated institutions and their customers from rising incidents of cyberattacks, particularly in the wake of increased cyber activity – financial and otherwise – as a result of the ongoing pandemic.
ADB is the first bank out of the 23 banks in the country to have its SOC ready in compliance with the regulator’s directive.
A letter from the BoG to ADB that touched on the selection of an implementation partner for setting up the FICSOC to enable banks comply with the directive stated: “The project is at an initial test-phase to connect the SIEM system of banks to the FICSOC. In this respect, your bank was identified and approved by BoG for the first connection. The Bank of Ghana would like to congratulate you and your team for achieving this height as you work with the BoG and its implementing partners on connecting to the FICSOC”.
Developments in financial sector cybersecurity
According to a report published in 2020 by Morocco-based firm Dataprotect, banks in sub-Saharan African are especially vulnerable to cyberattacks – including bank card fraud and phishing, among others. This was attributed primarily to a lack of qualified technicians and investment in cybersecurity.
The report, which engaged 148 banks from the West African Economic and Monetary Union and Central Africa, argued that while cybercrime is estimated to cost Africa €3.5bn – or 0.66% of the €528bn recorded globally – banks within the region remain susceptible to sweeping attacks and could represent the next frontier for such in the short- to medium-term.
Closer to home, BoG in its Banks & SDIs Fraud report for 2020 revealed that attempted fraud cases breached the GH¢1billion barrier last year – by a whopping 773.6% over the GH¢115.5million recorded in 2019.
Despite a 24% dip in actual losses at GH¢25.4million compared to an estimated loss of GH¢33.4million the previous year, incidents of staff-aided breaches – which accounted for 56% of cases – and the increased targetting of digital channels were considered especially worrying.
The BoG has expressed optimism that measures including full implementation of CSID as well as the operationalisation of FICSOC: “Enhance the protection and resilience of the financial system’s operation, and provide security practices related to the design, acquisition, development and use of operation information resources”.