BSides Joburg 2024

Developing a cybersecurity framework for commercial banks in South Africa
2024-07-20, Track 2

The study proposed a conceptual framework for South African commercial banks as a direct response to the exponential rise of cyber-attacks and threats. It proposed this framework by identifying the factors impeding commercial banks from developing their own frameworks. The factors were identified using a mixed methods approach, with qualitative data collection facilitated through interviews and quantitative data collected by means of a survey distributed to IT, risk, compliance, and governance professionals.


Cybersecurity has emerged as a significant concern for organisations and the Information Communication Technology (ICT) domain during recent decades. An increase in the number of cyber threats and cyber-attacks has been observed recently, and an even sharper increase was noticed during the worldwide coronavirus (COVID-19) pandemic outbreak. Simultaneously, the complexity of the cyber-attacks being executed by threat actors has increased, and the scope and geographical location of the targets of threat actors have also widened to include critical infrastructure in all corners of the world. Commercial banks in South Africa have not been spared. This is because financial institutions are seen as valuable targets by cybercriminals and communicators of advanced persistent threats (APT) due to the nature of their business and the vast amounts of data they store.
The study proposed a conceptual Cybersecurity Framework for Commercial Banks in South Africa. It proposed this by identifying the factors impeding commercial banks from developing their frameworks due to the challenges faced by the banks regarding cybersecurity from a South African perspective. The factors were identified using a mixed methods approach, with qualitative data collection facilitated through interviews with professionals within the banking domain in South Africa and quantitative data collected using a survey distributed to IT, risk, compliance, and governance professionals in commercial banks. The study identified seven factors contributing to establishing a cybersecurity framework for commercial banks. By addressing these factors, some of the challenges experienced by commercial banks regarding cybersecurity in the country can be addressed, which will improve the security posture of the organisations, internally and externally.
The study proposed that the stronger the coherence among the identified factors, the better commercial banks can defend themselves from cybercriminals. The findings further highlighted that for commercial banks to address the challenges posed by cybersecurity adequately, they would have to address cybersecurity holistically, placing equal emphasis on people, processes, and technology. They would also have to implement better security education, training, and awareness programmes for their employees and customers. In addition, commercial banks would have to bolster their capabilities for detecting and responding to cyber-attacks and collaborate more through establishing a national information sharing and analysis centre (ISAC). Furthermore, the study reinforced the need for commercial banks to invest in improving their cybersecurity detection, response, and remediation capabilities. Given the global shortage of skilled cybersecurity professionals, organisations should focus on developing talent internally through upskilling and breaking down barriers to entry into the cybersecurity domain.

Given the nature of cybersecurity and the sensitivity of the information associated with it, the key limitation the researcher faced when conducting the study was a failure to obtain the necessary permissions to carry out the survey within the banks and to get first-hand accounts of previous incidents and how they were dealt with. During the study, it became evident that cybersecurity is a field that commercial banks and the South African government are still in the process of coming to grips with. Future research could investigate whether the cabinet's new laws and regulations have had the desired impact on cybercrimes and cyber threats within the country. Additionally, to gather a more comprehensive picture of the threats and patterns of bank attacks, further studies could focus on obtaining the necessary permissions and clearance to study cyber-attacks and threat actors within the banks. This will enable better data collection and access to information that, due to its sensitivity, is not publicly available. In addition, an investigation into how the frameworks within banks are developed to support cybersecurity may also be carried out.

Tlhologelo Mphahlele is a cybersecurity professional currently working within the cyber threat intelligence domain for one of the banks in South Africa, where he applies his knowledge and experience to safeguard financial infrastructure.

With a doctorate in Information Systems from the University of the Western Cape and a Master's degree in Security and Network Engineering from Innopolis University in Russia, Dr. Mphahlele has a solid academic foundation in cybersecurity. His professional journey spans diverse sectors, including banking, telecommunications, and retail, where he has honed his skills and expertise in security practices and protocols.

Dr. Mphahlele is not only active in the corporate realm but also contributes to academia. He plays a vital role in shaping the next generation of cybersecurity professionals by contributing to content for one of South Africa's higher education providers in cybersecurity and network engineering modules.