Mobile money transfer networks must notify Central Bank of Kenya within 24 hours of any cybersecurity incident, a new guideline says.
CBK issued the draft cybersecurity guidelines on Friday in an effort to crack down on rising financial service transaction fraud that saw consumers lose at least Sh17 billion last year.
The guidelines are expected to create a more secure cyberspace that underpins information system security priorities, to promote stability of the world acclaimed Kenyan payment system sub-sector.
It will also help maintain public trust and confidence in the national payment system by establishing a coordinated approach to the prevention and combating of cybercrime.
“The guidelines set the minimum standards that PSPs should adopt to develop effective cybersecurity governance and risk management frameworks in order to maintain a sound, secure and efficient National Payment System,”CBK said.
Under the new regulations rules, payment service providers will be required to place the cyber risks issue at the board and management level. The board is expected to set the right tone from the top in fostering a robust cyber risk management culture.
The regulations will compel…
