Author:
Mercy Muendo
(MENAFN- The Conversation) East Africa attracts millions of tourists every year. Over the past 10 years, itsearnings from tourism have doubled . Compared to the rest of Africa, the region is experiencinghealthy economic growth . This makes it a promising investment destination.
Factors like regional tourism, movement of workers and technology development have catalysed East African integration andcross-border banking .
Many cross-border banks originate from Kenya with branches across the region. One example is Kenya'sEquity Bank , which relies heavily on digital technology. The digital space hasmany positive attributesbut the threat of cybercrime and insecurity is prevalent.
Ugandalost 42 million shillingsto cybercrime in 2017. In 2018, Rwandalost 6 billion francs . In Kenya, between April and June 2019 alone, the country experienced26.6 million cyber threats .
Across the region, with the increase of digital banking,financial institutions have become targets . These institutions are attractive to cyber criminals because they hold the biggest cash reserves. Africa'sdigital infrastructure is ill-equippedto manage the continent's growing cyber-security risk.
Equity is a pioneer in online and mobile banking with technology thatmerges banking and telephony . However, it recently suffered a cyber-attack. Last month, Rwandan authoritiesarrested a cybercrime syndicatecomprising eight Kenyans, three Rwandans and a Ugandan. The syndicate had attempted to hack into the Equity Bank system. The group has been involved in similar attacks in Kenya and Uganda.
Early in the year, Kenya's director of criminal investigation issued warrants of arrest against130 suspected hackers and fraudstersfor alleged banking fraud.
These incidents show thatfinancial losses to cyber insecurityare a growing threat to East Africa's economy.
Cybercrimeoccurs through the use of computers, computer technology or the internet. It often results in identity theft, theft of money, sale of contraband, cyber stalking or disruption of operations.
Within East Africa, Kenya, Rwanda and Uganda are taking steps to manage the huge cybercrime risk. But the cyber attack on Equity Bank is proof that these countries need to do more to protect their financial institutions from massive losses going forward.
Regional instruments
The African Union'sConvention on Cyber Security and Personal Data Protectionis East Africa's overarching policy guideline on cybercrime. It was adopted by member states in 2014. The Convention is similar to the Council of Europe'sCyber Crime Conventionwhich established a cyber security on the European continent.
Rwandasigned the Conventionearlier this year, but it's theonly East African countryto have done so.
The Convention requires member states to share responsibility by instituting cyber security measures that consider the correlation between data protection and cybercrime. These measures will keep data safe from cyber criminals and preempt its misuse by third parties. It also encourages the establishment of national computer emergency response teams.
The Convention advocates closer cooperation between government and business.
The Convention also creates a provision fordual criminality . This means that cybercrime suspects can be tried either in the country where the crime was committed or in their home country. This provision is meant to ensure smooth cooperation and sidestep any conflict of laws.
There is also a provision on mutual legal assistance. This allows for member states to share intelligence and collaborate on investigations.
Even though Uganda and Kenya aren't yet signatories, they have nevertheless been establishing legal and policy frameworks provided for under the convention. Rwanda is doing so too, and as a signatory is one step ahead.
Rwandan approach
In 2015, Rwanda came up with a nationalcyber security policythat established aNational Computer Security and Response Centre . The centre detects, prevents and responds to cyber security threats. And in 2016, theRegulatory Board of Rwanda Utilitiesrolled out network security regulations to protect the privacy of subscribers. They also empower the government to regulate and monitor internet operators and service providers.
The country also has aNational Cyber Contingency Planto handle cyber crises.
Further, Rwanda's telecom network securityregulationsrequire service providers to secure their services by protecting their infrastructure. Every service provider must be licensed and must guarantee the confidentiality and integrity of their services. They must also set up incident management teams. These teams work with the government to manage cyber security threats effectively.
Additionally, Rwanda passed aninformation and communication technology lawin 2016. This contains provisions on computer misuse and cybercrime which criminalise unauthorised access to data.
The country has managed to build the foundations of a strong regulatory framework. It has also taken measures to raise awareness around cyber security. In fact, in the attack on Equity Bank, the authoritiesacted on a tip from members of the public .
Kenyan measures
In 2014, Kenya launched itsNational Cyber Security Strategyto raise cyber security awareness and equip Kenya's workforce to address cyber security needs.
In line with this strategy, Kenyaamendedits information and communications law to criminalise unauthorised access to computer data.
Kenya has also set up a national computer incident responsecoordination centreto consolidate key cyber infrastructure and create pathways for regional and international partnership.
Generally, Kenya has a robustcyber security policywhich includes a legal and regulatory framework. The result has been that impending cyber attacks are discovered before massive damage is done and ongoing attacks are rapidly arrested.
Uganda's security
Uganda has legislation to protect cyber security. This includes theComputer Misuse Actwhich ensures the safety and security of electronic transactions and information systems, and theRegulation of Interception of Communications Actto monitor suspicious communications. It also has a national computeremergency response team .
This regulatory framework is similar to those in Kenya and Rwanda. But in addition, Uganda has aNational Information and Technology Authoritythat provides technical support and cyber security training. It also regulates standards and utilisation of information technology in both the public and private sectors. These measures have boosted the countries'cyber security strategy .
While Uganda has these measures in place, Kenya and Rwanda aretwo of the top three cyber secure countries in Africa .
Moving ahead
Kenya, Uganda, and Rwanda have taken solid steps to harmonise cybersecurity processes, data protection, and collaborative prosecution and investigation measures.
They have criminalised cybercrime and established frameworks to manage cyber attacks. International cooperation within the region has also enhanced cyber security.
MENAFN0212201901990000ID1099357236
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.