advertisement

Banks ordered to submit cybersecurity risk policies before October ends

bank cards

The Reserve Bank of Zimbabwe has urged local banks to update their cyber risk management policies in the face of COVID-19. Ok, that’s a bit misleading. RBZ says since digital transactions are increasing during the pandemic banks have to bolster their security.

Accelerated digitisation by banking institutions in the wake of COVID-19 and the remote working arrangements have expanded the attack surface of banks’ information technology networks. Critical business functions are more exposed to opportunistic and targeted cyber-attacks by criminals and thus increasing consumer protection risks.

Cyber and anti-fraud controls are critical for banking institutions during and post COVID-19. Banking institutions are called upon to remain alert to such threats and activate appropriate risk management responses and to conduct ongoing consumer education campaigns.

advertisement
MPS 2020

RBZ has instructed banks to review their preparedness for cyber threats. Banks are then expected to submit updated Cyber risk policies before October ends.

Deja Vu

In 2019, Mangudya made a similar declaration. At the time he demanded banks update their cybersecurity policies and start issuing out EMV cards. The deadline for that was 31 March 2019. It came, went and banks didn’t comply. In fact, over 12 months later banks are still issuing out cards deemed insecure by RBZ.

After speaking to people in the banking sector it became clear why banks didn’t comply. Issuing out EMV cards was too expensive for the banks. If anything the economic downturn might mean banks are actually in a worse off position.

Alternatively, maybe banks can pass on the cost to clients. Bank clients are already disillusioned by bank charges when transacting…


Quick NetOne, Telecel, Africom, And Econet Airtime Recharge

If anything goes wrong, chat with us using the chat feature at the bottom right of this screen

One thought on “Banks ordered to submit cybersecurity risk policies before October ends

  1. It is necessary for such policies to be in place, but they also need to make sure the bank has the capacity to execute it. These days some banks are incurring days of partial/full downtime without any known attacks being perpetrated. Which brings to doubt their capacity to handle a real attack when it happens. The motivation to perform attacks on Zimbabwean banks will increase as we continue to dollarise.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.