During the workshop hosted by Mauritius Finance in collaboration with the Financial Services Commission (FSC) and Rogers Capital titled Wake up Call for Directors, CEOs & CXOs at Hennessy Park Hotel on July 6, Minister for Financial Services and Good Governance Mahen Kumar Seeruttun announced that a Cybersecurity Awareness Training under the ambit of his Ministry is in offing and designed to promote the desirable culture one wants to see.
He underlined: “The aim is to instill in current and future generations a positive Cybersecurity Mindset and Culture. Positioning our jurisdiction as a Fintech Hub is very ambitious and in this respect, a strong Cybersecurity culture promoted by Boards and the C-level remains a critical success factor to keep our country the safest place to live and do business online.
The Minister shed light on the event whose aim is to assess reasons for the frequent cyber attacks unfurling and posing as deep concerns for businesses, relying on the CISCO report 2022 Cybersecurity Almanac revealing that the cost of cybercrime is poised to hit USD 10.5 billion by 2025 coupled with an excess of 33 billion records at risk to be stolen by cybercriminals by 2023, representing an increase of 175 percent from 2018. There is a need for heightened public-private cooperation to bolster the preparedness and resilience of Mauritius coupled with the International Financial Centre poising as the nerve center for the rest of the economy with a need to take timely and decisive steps.
Minister Seeruttun outlined several initiatives heralded by the Government such as Cybersecurity and Cybercrime Act 2021 having been introduced to pave the way for a National Cybersecurity Committee comprising public and private stakeholders to discuss issues pertaining to cybersecurity and cybercrime promoting capacity building, among many; ITU Centre of Excellence in the field of cybersecurity has been set up with an online training facility on Cybersecurity Risk Management; Active engagement with regional partners such as AfricaCert, the African Union Commission and SADC on cybersecurity measures; Mauritius participating in the EU Cyber4D (Cyber Resilience for Development) activities since 2018, an EU initiative promoting cyber resilience and cybersecurity to protect public and private enterprises spanning across the world.
Chief Executive at the Financial Services Commission (FSC) Dhanesswurnath Thakoor on the outset remarked that in 2021 the Bank of International Settlement mentions in a report on COVID 19 and Cyber Risks in financial centres that the sector was the subject of attack more than in other sectors. Conversely, the total costs of cyber incidents when added to the cost of putting security risk measures in place were assessed at USD 1 trillion dollars in 2020 constituting 1 percent of world GDP in cyber security. He argued that shows that by all means security remains more essential than ever where the reputation of an IFC is also measured by its ability to put in place an adequate system, procedures and laws to effectively fight cyber criminality.
“Today, our IFC is at a critical juncture in its continuous pursuit to help establish the jurisdiction as a hub for emerging technologies while being on a transformational journey from the adoption of disruptive technologies, in particular across the FinTech areas for economic transformation and financial landscape offering wide-ranging opportunities.”
However, he argued that financial services become increasingly reliant on technology, and so does the impact of disruption whether accidental or intentional by threats and their perpetrators where even minor security incidents can easily undermine trusts or derail operations.
He further added: “Today, we have licensees taking a slew of strategies towards compliance where the FSC expects a security culture, driven from top to town, from board members to senior management and every employee. We are working on an updated guideline to give the industry a greater focus for resilience as well as providing further guidance for new technologies and emerging cyber threats.” Thakoor said that one of the main objectives is to help develop financial sector resilience to cyber risks in giving impetus to better cyber hygiene.
He enumerated key initiatives heralded by the FSC such as: Setting up a joint committee between the FSC and Mauritius Finance to act as a springboard between the regulator and the industry on cyber security; Empowered committee to provide consultative advice and feedback pertaining to huge cybersecurity guidelines that the FSC will shortly introduce; Currently, exploring areas spanning across digital identity and digital signatures to foster business process and improve trust and security, as most important in Financial Services.
The FSC head also spoke about digital forensic skills and capability regarded as a huge priority with close cooperation needed to ensure greater resilience of the financial sector in the face of attacks where the FSC will look into areas of cooperation with EU regulators to enhance cyber security capabilities; Embarking on a continuous path to assess data footprint and improve FSC’s data collection process to help ensure on collecting only data needed.
Thakoor also enumerated an awareness campaign on virtual assets and Initial Token Offering where service providers dealing with the virtual need to apply for their relevant activity license to the FSC, appealing to the public not to engage with people or licensees lacking a proper license. “Cyber security remains a common interest for one and all as regulators and industry players need to work hand in hand to achieve a secure financial system for the jurisdiction. Although the monetary cost of improving cyber security is high, the cost of successful attacks in terms of both financial damage and reputational damage is far higher,” he insisted.
Chief Executive of Mauritius Finance (MF) Samade Jhummun underlined that the financial industry, in particular banks and Management Companies has become prime targets of cyber criminals set against the context of organizations spanning across the industry keeping highly critical, valuable and sensitive data.
For Jhummun, all the other organisations in the financial services sphere have always been concerned about cyber security risks and they are even more concerned with cyber threats pertaining to huge penetration of risks and even existential threats not limited to organisations and also to jurisdictions. He emphasised the prime objective of the event to host risk awareness on the importance of cyber security thus calling on the need for the IFC to ensure our systems are effective. Secondly, in the current context, an increasing number of people spend more time outside the office than inside by being connected to devices not directly wired to servers where transactions to mobile are more exposed to hazards and risks. Thus, there is an increasing need to better protect the MIFC.
During the session, Managing Director at Rogers Capital Technology Dev Hurkoo made a presentation discussing cyber attacks, vulnerabilities and the need for a holistic approach to build Cyber Resilience for Organisations and the country. He also discussed on services provided by Rogers Capital such as Cyber Security Advisory Lab, Cyber Risk Management, and Cyber Security Audit, among others.
