40 new privacy standards approved as cybercrime cases soar 50 per cent

The fight against growing cases of cybercrime on Monday got a boost with the approval of new 40 standards directed at safeguarding consumer privacy.

According to the Communications Authority of Kenya, cybercrime incidences rose by over 50 per cent in the fourth quarter of last year to 56.2 million from 35.1 million threats reported in the previous quarter.

Of note, malware and application attacks continued to rank highly among the factors that have contributed to the surge in cyber-security challenges.

On Monday, the Kenya Bureau of Standards (KEBS) said it has approved forty (40) new standards to be used by auditors, managers and management teams, trainers and assessors in the ICT to enhance information and cybersecurity and safeguard consumer privacy.

The new standards outline various techniques and methods for securing corporate information by an individual or managers charged with the responsibility of ensuring institutional data is safe.

“Consumers are increasingly adopting digital technology, the data generated creates both an opportunity for enterprises to improve customer engagement and a responsibility to keep it safe. The new guidelines provide a robust system to fight against cybersecurity threats, breach of privacy and other information security measures to ensure that Confidentiality, Integrity and Authenticity (CIA) of information is maintained during the creation, usage, storage and transfer of information,” says Bernard Njiraini, Managing Director, KEBS.

The standards also stipulate a framework for ensuring privacy in information and communication technology (ICT) systems that store and process personally identifiable information (PII).

Key among the approved standards include guidelines for information security management systems auditing, code of practice for electronic discovery, vulnerability handling process, online privacy notices and consent, cloud service metering and billing modes.

Others include the competence requirements for information security testers, the framework of trust for processing of multi-sourced data.

The World Economic Forum Report 2017 places technology threats in the top five societal and economic risks by likelihood and scale of impact, next to weapons of mass destruction. The public sector continues to dominate as the primary target of cyberattacks followed by financial services. Globally, 40 per cent of Small and Medium Enterprises (SMEs) that experience data breach due to cybersecurity attacks are likely to close within a year.

The efforts are the latest in the fight against cybercrime. It comes few weeks after the United Kingdom listed Kenya among countries in Africa to benefit from Sh3.3 billion cyberwar chest.

The money targets supporting national cyber response units, advising on consumer safety awareness online and setting up a joint Interpol cyber hub that will help nations mount joint operation on cybercriminals.

The United Kingdom (UK) through its Foreign Secretary Dominic Raab noted with concern the rising number of criminals that target online consumers and disrupting ease of doing business in the modern world.

As part of the new approach to bring down cybercriminals, the UK jointly with INTERPOL, is setting up a new cyber operations hub in Africa working across Ethiopia, Ghana, Kenya, Nigeria and Rwanda to support joint operations against cyber-crime.

“We are working with like-minded partners, to make sure that the international order that governs cyber is fit for purpose,” he said.

“We want to see international law respected in cyberspace, just as we would anywhere else. And we need to show how the rules apply to these changes in technology, the changes in threats, and the systemic attempts to render the internet a lawless space.”

The Kenya Bankers Association (KBA), a lobby group for local banks has noted a significant shift in bank customer preferences for digital services which, according to the association’s Customer Satisfaction Survey of 2020, stood at 43 per cent.

"While the banking industry's digital resilience has continued to promote continuity in the financial services sector, rising cases of fraud need to be addressed further through consumer education", says Habil Olaka, Chief Executive Officer, KBA.

"Monitoring fraud trends is critical as it enables stakeholders to identify awareness gaps and ensure the security of consumer monies is guaranteed," he said.