Keeping information systems secure is a complex calculus in today’s fast-changing landscape. Malicious attacks aren’t just perpetrated by disgruntled employees or random hackers. State-sponsored or supported attacks are a constant threat to many countries, companies and individuals.
Cybercrime is difficult to contain, partly because cryptocurrencies — as opposed to normal currencies — are used to pay for ransomware and other attack tools. To protect against these modern-day threats, small and large organisations must always remain vigilant.
Vigilance requires a regular audit of information systems, the ecosystem in which they operate and a periodic review of potential threats and vulnerabilities that attackers could exploit.
Cybercrime
Threats like these are not hypothetical or imagined; they are real. Cybercrime costs Africa $4 billion a year, according to conservative estimates. Losing $4 billion to cybercrime is a significant loss for a continent with an estimated GDP of $3 trillion.
There are more costs to cybercrime than just financial ones. An organisation’s reputation can be damaged, stolen data may be too costly to recover, and so is compromised intellectual property. Additionally, when critical systems, such as national election systems, are infiltrated or manipulated, or when healthcare systems are laced with malware that causes havoc for health workers, it can pose a national crisis.
The surest way to know what lies under the hood of information systems is by carrying out regular cybersecurity audits. Cybersecurity audits test compliance with an organisation’s security policies, security safeguards and standards that an organisation has put in place.
The audit exercise is comprehensive, reviewing an organisation’s IT infrastructure. Audits ascertain that appropriate policies and procedures have been implemented and are working effectively. It helps the management to understand the security and confidentiality of the information within the system, and whether the data is accurate, reliable and timely.
Malicious actors
This process informs the management of any weaknesses that could open the doors for malicious actors to gain access to sensitive information. It highlights poor internal practices that might result in employees accidentally or negligently breaching sensitive information; and can point out how an information system and allied processes are compromised to aid fraud.
Armed with audit findings, the management can embark on an exercise to seal any loopholes and build a moat around its critical IT systems.
It’s good practice that, with increased reliance on information technology, organisations conduct cybersecurity audits annually. More frequent audits may be necessary depending on the organisation’s size, the criticality of its functions and available resources.
Organisations should also conduct a cybersecurity audit whenever they make significant operational changes, such as migrating to a new system or when different systems are integrated after organisations merge.
Notably, every organisation needs a competent, relevant and effective information systems audit function to verify, report and offer guidance about the efficient functioning of the cybersecurity function.
Share this news
This Year’s Most Read News Stories
Britam half-year net profit hits Sh2bn on higher investment income
Insurer and financial services provider Britam posted a 22.5 percent jump in net earnings for the half-year ended June 2024, to Sh2 billion, buoyed by increased investment income.
The rise in half-year net profit from Sh1.64 billion posted in a similar period last year came on the back of net investment income rising 2.5 times to Sh13.27 billion from Sh5.3 billion.
“We are confident in the growth and performance trend that Britam has achieved, supported by its subsidiaries in Kenya and the region. Our business is expanding its revenue base while effectively managing costs,” Britam Chief Executive Officer Tom Gitogo said.
“Our customer-centric approach is fueling growth in our customer base and product uptake, particularly through micro-insurance, partnerships, and digital channels.”
The investment income growth was fueled by interest and dividend income rising 34 percent to Sh9.1 billion, which the insurer attributed to growth in revenue and the gains from the realignment of the group’s investment portfolio.
Britam also booked a Sh3.79 billion gain on financial assets at a fair value, compared with a Sh1.8 billion loss posted in a similar period last year.
The increased investment income helped offset the 12.7 percent decline in net insurance service result to Sh2.13 billion in the wake of claims paid out rising at a faster pace than that of premiums received.
Britam said insurance revenue, which is money from written premiums, increased to Sh17.8 billion from Sh16.6 billion, primarily driven by growth in the Kenya insurance business and regional general insurance businesses, which contributed 30 percent of the revenue.
The group has a presence in seven countries in Africa namely Kenya, Uganda, Tanzania, Rwanda, South Sudan, Mozambique, and Malawi.
Britam’s insurance service expense hit Sh13.6 billion from Sh11.3 billion, while net insurance finance expenses rose 2.6 times to Sh12.3 billion during the same period.
“Net insurance finance expenses increased mainly due to growth in interest cost for the deposit administration business driven by better investment performance. This has also been impacted by a decline in the yield curve, which has led to an increase in the insurance contract liabilities. The increase has been offset by a matching increase in fair value gain on assets,” said Britam.
Britam’s growth in profit is in line with that of other Nairobi Securities Exchange-listed insurers, which have seen a rise in profits.
Jubilee Holdings net profit in the six months increased by 22.7 percent to Sh2.5 billion on increased income from insurance, helping the insurer maintain Sh2 per share interim dividend.
CIC Insurance Group posted a 0.64 percent rise in net profit to Sh709.99 million in the same period as net earnings of Liberty Kenya nearly tripled to Sh632 million from Sh213 million, while Sanlam Kenya emerged from a loss to post a Sh282.2 million net profit.
Insecurity prompts Zanzibar to review its lucrative island leasing
The Tanzanian central government is planning to boost its security presence in the Zanzibar archipelago. A commission tasked with auditing the country’s security forces was appointed in July by President Samia Suluhu Hassan. It says it is concerned about the situation in the country’s Indian Ocean islands that are under the control of the semi-autonomous Zanzibar local government.Continue Reading
Zanzibar’s tourism body chairman Rahim Bhaloo resigns
Bhaloo, who is also Chairman of the Zanzibar Commission for Tourism (ZCT), cited pressing family issues as the reason for his departure.Continue Reading
