The Guardian has revealed that banks in Nigeria will report all cyber incidents starting from August 1, 2018.
This comes after a draft document by the Central Bank of Nigeria (CBN) mandated banks to incorporate cyber risk management with their institution-wide risk management framework and governance requirements, to ensure consistent management of risks across the institution. The document also noted that effective risk management reduces adverse impact on an organisation by addressing threats, mitigating exposure, and reducing vulnerability.
The framework, banks are required to appoint qualified candidates who will serve as “Chief Information Security Officer (CISO)” responsible for overseeing and implementing cybersecurity programmes.
With the new framework, banks are expected to take full responsibility of cyber incidents and board and senior management are required to support and be involved in the cyber risk management process by ensuring that resources and capabilities are available and the roles of staff properly defined in management of risks.
Meanwhile, a report by the Nigerian Electronic Fraud Forum has revealed that electronic banking fraud cases over the last three years are at USD15 487 million. Data released by NeFF showed that while the value of fraud perpetrated across counter has been on the decline over the last three years, fraud through transactions done via ATMs and mobile banking have been on the increase.