Participants in a group photo after the workshop
Between US$ 700, 000 and US$ 1 million (Shs3.72bn) is lost globally in cybercrime per hour.
Isheanesu Sithole from the Macroeconomic and Financial Management Institute of Eastern and Southern Africa (MEFMI) made the revelation in an exclusive interview with Business Focus on the sidelines of a recent workshop on Cyber Security in the Financial Services Sector held at Golden Tulip Hotel, Kampala.
It was organized by the Bank of Uganda.
According to Sithole, the loss comes from a wide range of areas such as internal collaborations (bank staff leaking information to the attackers) while other attacks come externally for either financial gain or just an attempt at hacking skills.
Addressing participants earlier as a Guest Speaker on the role of the Board and Executives in cyber security, Sithole said that by 2030, 500 billion devices will be connected to the internet. Of these, he said, 50 billion will have smart devices. Sithole noted that statistics show that there was 63% internet penetration globally in 2022.
“Cybercrime has made more organizations vulnerable. Back in the day, someone needed to be close to you to steal from you. Now, someone in Russia can steal from someone in Uganda. So, cyber security impacts all aspects of your organization,” Sithole said, adding: “Computing and processing capacity doubles every 18 months. 4.6 million people are using social media.”
He adds that by 2040, 95% of purchases will be online.
He noted that the role of the Board is “very critical” in the area of Cyber security risk oversight.
He appealed to participants to include cyber security expertise “in your Board”, prioritize material cyber risk in the business and recognize cyber security as a strategic business enabler.
“Taking cyber security seriously builds trust and confidence among customers and shareholders,” he said.
Sithole warned that the impact of cyber security is going to grow exponentially.
“Cybercrime is going to be more and more sophisticated. Criminals are getting more sophisticated. Adequate resources should be invested in the area.”
Tumubweine Twinemanzi, the executive director-supervision at the Bank of Uganda, told journalists that “internal threats” that are besetting local banks are occasioned by “people” and “not necessarily the systems.”
“We are not badly off in terms of cyber threats from outside in, but we are doing badly on cyber threats from inside out,” Twinemanzi said.
According to Sarah Arapta, the chairperson of Uganda Bankers’ Association, sector players need to come up with a framework supported by regulation.
“We need to come up with a framework supported by regulation,” she said, adding, “This framework will devise some of the penalties that will be instituted if employees are found to breach data privacy.”