TECHNOLOGY
Fortifying Sacco Cyber Security Posture: Effective Strategies Against Cyber-Attacks By June Njoroge.
S
avings and Credit Cooperative Societies (SACCOS) have swiftly embraced the age of digital disruption at full tilt especially in the wake of the Covid-19 pandemic, adopting technological advancements in their operations. However, this shift has posed a critical security challenge, exposing a dire vulnerability that needs to be urgently addressed. Before a Sacco embarks on adopting a financial technology infrastructure, there is need to prioritize getting a proactive and quality security methodology.
of bad news about cyber-attacks, identity theft, data breaches and hackers; Co-operatives need to implement quality cyber security processes, applications and procedures; which strengthen their defenses thereby setting up a security blanket around the Sacco. Before implementing effective cybersecurity strategies, Saccos should be aware of their critical assets and what their value is, establish potential risks, implement security controls, be aware of their internal and external threats then eventually evaluate and strengthen their cybersecurity posture. A cybersecurity posture
Saccos should implement effective security controls to help manage their risks and protect critical data assets from intrusions, security incidents and data loss. They are critical to detect, avoid, counteract and minimize security risks. There are several types of security controls that need to taken into account; preventive controls which attempt to prevent a security incident before it occurs; detective controls which identifies a security incident while its happening or shortly after; corrective controls which limit the damage following a security incident; catapulting the business to get back on track.
Co-operatives need to place a lot of emphasis on security, because they hold large amounts of highly sensitive data about members including financial and personal information such as credit scores, banking information and investment history. According to a cyber-security report in 2018, Kshs. 466 million was lost through computer fraud, business emails, fake cheques and identity theft. Challenge 2025 on the digitalization of the global cooperative movement set by the World Council of Credit Unions (WOCCU), identifies cybersecurity as one of the key focus areas to measure digitalization in Co-operatives. Cybersecurity refers to a set of strategies, techniques and controls to reduce risk and ensure that data assets are protected. Cybersecurity is of paramount importance and its fundamental for Saccos, to ensure that members’ data and funds are secure. With a constant barrage
10
SACCO TIMES | DECEMBER 2020 - JANUARY 2021
assessment can help indicate how healthy or resilient a Co-operative is, when it comes to cybersecurity and how effectively it can protect against potential cyberattacks. Being aware of their cybersecurity posture, Saccos can develop a long-term security strategy that will protect them. It can also help in outlining a concrete roadmap that can help strengthen their cybersecurity defenses over time.
Saccos need a control based approach that can secure its infrastructure against intrusions, reduce its risk, strengthen its security posture, whilst lowering operational costs. Below are critical security controls that Saccos can start with, which were issued by the Center for Internet Security (CIS). 1. Saccos should take an inventory of authorized and
