Assessing Cybersecurity Readiness in Ethiopia Fintech Sector
No Thumbnail Available
Date
2024-10
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
Ethiopian fintech sector brought a significant transformation on the financial transaction and payment
instrument business. This change however poses concerns on various stakeholders that the country’s
ability to protect the business and to mitigate the risks caused by bad actors to exploited the vulnerability.
The research aim to investigate the cybersecurity readiness and preparedness of fintech and also how
their practice is met the international standard through answering three research questions.Regulators
and fintech companies the major stakeholders this study utilized the proposes of got the relevant information.
The research identified governance, resilience and competency as a core variable to evaluates
the readiness of the sector which is very much mapped with the international standard including NIST
CSF, ISO/IEC 27001 and FFIEC. The study also prepared two separates the questionnaires to address
the two participants current cybersecurity practice. The collected data analyzed and observed that there
is clear gap and lack of readiness. The sector lacks comprehensive framework that meet the international
standard according to the research findings. There was limited practice of the backup, business continuity
plan and an incident response plan which impact the resilience of the sector. The other challenge
this research identified was inadequate skilled cybersecurity experts and awareness level that impacted the
competency of fintech ecosystem to enhance the awareness level as well as creating cybersecurity culture.
The research developed a cybersecurity assessment framework that help the sector to protect their critical
assets through a proper evaluation and assessment their risk and weakness. The proposed framework
subjected to went through a validation process to make sure the framework relevance to the challenged
identified in the research and met the basic global standard. The research concludes with valuable recommendations
and consideration to enhance cybersecurity practice, collaboration and developed tailored
cybersecurity framework for continuous improvement..
Description
Keywords
Fintech, Cybersecurity, Fintech Company, Regulator, Standard, Framework