Financial Crime World

Here’s the converted article in markdown format:

Financial Institution Cybersecurity Best Practices in Burkina Faso

Burkina Faso, a country with a total population of approximately 17.5 million people, has made significant strides in its cybersecurity landscape despite having limited internet penetration.

  • The Law on Network and Electronic Communication Services provides specific legislation on cybercrime.
  • The Law on Services and Electronic Transactions provides a framework for regulating and complying with cybersecurity requirements.

Technical Measures

  • The International Telecommunication Union (ITU) conducted a Cybersecurity Incident Response Team (CIRT) readiness assessment in Burkina Faso in 2010, resulting in the establishment of the national CIRT, CIRT.BF.
  • The organization is part of the National Agency for Information Systems Security (ANSSI), which will be fully operational by the end of 2014.

Standards

  • The National CIRT has recognized national and sector-specific cybersecurity frameworks for implementing internationally recognized standards.
  • However, Burkina Faso does not have any officially approved national or sector-specific certification programs for cybersecurity.

Organization Measures

  • ANSSI is developing an officially recognized national cybersecurity strategy.
  • The National Cybersecurity Plan provides a roadmap for governance in the sector and outlines major actions to be taken to build a sustainable protection against various types of cyberattacks.

Responsible Agency

  • The National Agency for Information Systems Security (ANSSI) is responsible for implementing a national cybersecurity strategy and policy, as well as monitoring the internet ecosystem in Burkina Faso.
  • ANSSI will also have auditing powers for information security.

National Benchmarking

  • ARCEP conducted a global study on cybersecurity protection in 2010, setting a benchmark for the country’s level of cybersecurity protection.

Capacity Building

  • Burkina Faso does not have any officially recognized national or sector-specific research and development programs for cybersecurity standards, best practices, and guidelines.
  • There are no educational and professional training programs for raising awareness about cybersecurity or promoting certification of professionals in either the public or private sectors.

Cooperation

  • Burkina Faso has an officially recognized program for sharing cybersecurity assets within the public sector through the national CIRT (CIRT.BF).
  • However, the country does not have any official partnerships to facilitate sharing of cybersecurity assets across borders or with other nation-states.

Child Online Protection

  • Burkina Faso does not have any national legislation pertaining to child online protection.
  • The country has acceded to the Convention on the Rights of the Child and the Optional Protocol to the Convention on the Sale of Children, Child Prostitution, and Child Pornography, but lacks institutional support and a reporting mechanism for incidents related to child online protection.

Despite these challenges, Burkina Faso is making efforts to enhance its cybersecurity landscape and protect financial institutions. As the country continues to develop its cybersecurity infrastructure, it is essential for stakeholders to work together to address the remaining gaps and ensure a safer digital environment for all.