Financial Crime World

Here is the rewritten article in Markdown format:

Cybercrime on the Rise in Kenya’s Finance Industry, Study Warns

============================================

As digital payments become increasingly popular in Kenya, a new study has highlighted the growing threat of cybercrime in the country’s finance industry. The study, commissioned by Trust4Cyber and Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH, maps out the cybersecurity landscape in Kenya with a focus on the financial sector.

Human Error: A Security Vulnerability

The report notes that human error is often overlooked as a security vulnerability, despite being responsible for 9 out of 10 cyber breaches in companies. This highlights the importance of employee training and awareness in preventing cyber attacks.

Growing Cybersecurity Threats

The study identified significant growth in cybersecurity threats detected by KE-ICRT, from 23 million in 2018 to 110 million in 2020. Ransomware, malware, and phishing attacks are the most common cybersecurity risks, according to KE-CIRT statistics for the second quarter of 2021.

Top Cyberthreats in Africa

Online scams, digital extortion, business email compromise, ransomware, and botnets were identified as top cyberthreats in Africa by Interpol’s 2021 report on African Cyber Threat Assessment. The fintech sector is particularly vulnerable to cybersecurity challenges, including:

  • Loss of funds due to cyber-attacks
  • Limited data on breaches
  • Lack of skilled staff and awareness
  • Wide use of pirated software
  • Inadequate funding
  • Prosecution capacity
  • Managing evidence
  • Information security gaps

Recommendations

The study recommends that the Kenyan government:

  • Promote a human-centred approach in implementing cybersecurity strategies
  • Review its outdated strategy
  • Develop a national cybersecurity policy
  • Enhance cybercrime information sharing

The private sector is urged to:

  • Invest in resources towards hiring skilled personnel, knowledge and capacity building, and infrastructure upgrade

Civil society organizations are called upon to:

  • Develop cyber hygiene programs targeted at the public
  • Monitor and report on government and financial sector measures
  • Enhance collaboration with other stakeholders

International development partners are encouraged to:

  • Support civil society organizations
  • Collaborate with other stakeholders
  • Invest in capacity building programs
  • Promote international cooperation

Accessing the Full Report

The full report is available online at https://toolkit-digitalisierung.de/app/uploads/2022/03/GIZ-2022-A-study-paper-on-human-centred-cybersecurity.pdf.