Assessing Growing Cyberthreats to Africa's Financial SectorRob Dartnall of Security Alliance Shares Insights on Current and Emerging Trends
Financial services firms in Africa are becoming bigger cyber targets as they expand into new mobile payment and financial inclusion products. Rob Dartnall of Security Alliance explains why these firms need to invest in information sharing, training and new cybersecurity practices to avoid breaches.
Security Alliance recently worked with the World Bank as part of the Financial Inclusion Global Initiative to publish a paper calling for an intelligence-led analysis of the threat landscape for the financial services sector across Africa.
In the past, financial firms in Africa were somewhat immune to basic phishing and social engineering attacks because of language and cultural differences with Western countries. "But the thing is with those untargeted attacks, the infrastructure is getting bigger. That doesn't matter anymore because the attack surface is bigger," says Dartnall, CEO and director of intelligence at Security Alliance.
The rise of fintech firms, mobile payments and financial inclusion initiatives is creating more challenges for network defenders, he says, which is why central banks need better information sharing, "more guidance, more standards, putting money into resources internally, to kind of help set up these intelligence-led penetration testing frameworks."
"There's no better intelligence in the world than the type of intelligence that you can get from another bank in another country that you share a border with that's just had an attack," Dartnall says.
In this video interview with Information Security Media Group, Dartnall discusses:
- The impact of the growth of digitalization within the financial sector on the continent of Africa in the past few years;
- The current threat landscape for the financial services sector across Africa;
- Recommendations for ways central banks and government agencies can protect against cyberthreats.
Dartnall, who leads threat intelligence firm Security Alliance Ltd., began his career in military intelligence before transitioning into the cyber domain, where he advocates for the "intelligence preparation of the cyber environment." His primary focus has been designing intelligence-led resiliency programs, developing intelligence capabilities, creating intelligence-sharing frameworks and providing intelligence-led consulting engagements. Dartnall serves on the CREST Cyber Threat Intelligence Professionals subcommittee.