This month, The Fintech Times and the current Spotlight Middle East and Africa (MEA) series take a look at predictions in cybersecurity and the wider fintech space in 2021. Here, the experts from the Dubai Financial Services Authority (DFSA) and Kearney give their thoughts.
According to a report from Mordor Intelligence, the cybersecurity market in MEA was valued at $7.174 billion in 2019 and was expected to register a compound annual growth rate (CAGR) of 14.08 per cent during 2020-2025.
Peter Smith is currently the Acting Chief Executive at Dubai Financial Services Authority (DFSA). The independent regulator of financial services is conducted in or from Dubai International Financial Centre (DIFC), a purpose-built financial free zone in Dubai, UAE.
Peter comments, “First, what we can predict with certainty is that as financial institutions continue to advance in their digital transformation and increase the sophistication of their cybersecurity, so too will cyber criminals increase in their efforts and sophistication. Cyber risk is not going away, and it is not becoming any easier to combat. That said, phishing, spear phishing, and ransomware will continue to be top concerns in 2021. Although these methods in many ways deploy lower levels of sophistication and are well-known techniques, they still remain very effective, and the continued level of remote working has increased their effectiveness. No matter how strong a company’s cyber defences are it will still have vulnerabilities. In particular, companies will continue to increase focus on third-party service providers, both large and small. This will force increases in spending on cybercrime prevention across the spectrum of small, medium, and large size providers.
Second, we will see an increasing role of cyber insurers in raising cyber awareness, assisting companies in reviewing their cyber environments, and assisting companies to reduce control gaps in order to reduce claims costs and cyber insurance premiums.
Third, we will see more public-private partnerships, particularly with regard to information sharing. It is with this in mind that we created the DFSA Cyber Threat Intelligence Platform (TIP), the region’s first regulator-hosted threat intelligence platform, now with over  users.
Last, we will see increased scrutiny from regulators regarding the effectiveness of financial institutions’ third-party due diligence and ongoing cyber risk control monitoring.”
Prashaen Reddy is both a Principal and forms part of the executive team in Africa at strategy and management consulting firm Kearney. He also serves as a director on the board of the South African National Energy Association. Prashaen spent a large part of his consulting career working with companies to integrate strategy, operations and technology. Over the last 13 years his experience has been in not only developing strategy, but operationalising to deliver it. Most recently he has been advising the energy industry on the 4th industrial revolution and the implication of digital technologies across the value chain. He has worked with clients across globe and delivered projects operational and technology transformations in the US, Asia, Middle East and in Africa.
Prashaen says, “The MEA region continues to invest in digital technologies with governments driving forward their national visions and building their agenda for change on a commitment to digital transformation. Across the region but particularly in Africa this investment in technology infrastructure is seen as an important enabler to social and economic transformation. However, with this comes the rise of cyber risks preventing the full realization of the region’s digital potential.
In 2021, as we continue to emerge from the pandemic, the region is expected to be confronted by several cybersecurity threats.
- The realisation of the African Continental Free Trade Area (AfCFTA) will result in increased connectedness and the flow of people, goods and information making the region only as strong as its weakest link in terms of security systems and infrastructure as more data flows across the continent. The lack of regional wide policy and regulation on cyber security will create opportunities for cyber criminals.
- Even though there has been a recent slowdown in smartphone growth some parts of the region (Gulf Cooperation Council (GCC) and South Africa), overall the region has had continued growth smartphones meaning cyber criminals continue to target unsecure devices to install malware to take advantage of unsuspecting users and data.
- The rise of the use of social media across the region due to increased smartphone penetration and a young and growing middle class, means scams on consumers and business like infamous “Nigerian 419” scams are becoming more sophisticated, using social-engineering techniques to gather sensitive consumer and business data.
- Many businesses and governments across the region are seeing moving to more cost-effective, light and scalable infrastructure meaning moving more applications and data to the cloud. Cloud is certainly seen as a target by cyber criminals in 2021 looking to take advantage of enterprise and consumer data.
- Growth of IoT connected devices spurred by the roll out of 5G infrastructure will see increase attacks to gain access to data and control of these devices.
- Challenges in skills, reliable information, outdated applications and infrastructure and the rise in cyber warfare means countries across the region maybe come vulnerable to increasing attacks in 2021.
In tackling these risks in 2021, the MEA region, needs to elevate cybersecurity on the regional policy agenda (GCC, Africa and overall Middle East), ensure adequate investment in cybersecurity, implement public-private partnerships and collaboration and begin to build local capacity of next-generation cybersecurity capabilities.”
In summary, 2021 despite its challenges shows much activity not solely just in cybersecurity but in the wider fintech context for MEA.