Absa Chief Security Officer, Sandro Bucchianeri.
Absa Chief Security Officer, Sandro Bucchianeri.

There are many things that keep Absa’s head of security up at night, but common phishing e-mails from scammers are not in that list.

“Despite the 300% increase in phishing attempts we have seen across the financial industry since the pandemic began, I still sleep well at night,” says Sandro Bucchianeri, Absa’s chief security officer.

There has been an increase in cyber attacks on financial services companies in recent years with the latest being that of credit bureau Experian, which exposed personal information of as many as South Africans and almost 800,000 businesses.

Bucchianeri admits that awareness regarding cyber risk is the one thing that probably keeps him awake at night. “The key thing we are focused on is awareness, both by our employees and our customers,” he says.

Referring to the recent data breach at Experian as an example, Bucchianeri says despite the best systems and protections, its people that make errors and hence the focus on awareness is so necessary.

“Security can be quite boring, so as a way of generating awareness about it internally we have tried to make it fun and so we have hired a comedian to try to deliver the messages in a way our employees will remember,” he says.

The public too is becoming more aware of risks when transacting online, as can be seen in the decrease in click-through rates from phishing attempts that emanate from all over the world.

Bucchianeri quotes research from the International Information System Security Certification Consortium, or (ISC)², a non-profit organisation which specialises in training and certifications for cybersecurity professionals that estimates there will be a shortfall of about 4-million qualified cybersecurity experts globally by the end of 2021.

This is as a result of the shift to e-commerce and cloud-based information technology architecture, a trend that has accelerated during to the pandemic.

Absa is investing heavily to produce more graduates with the skills required to meet the 4-million job shortfall in cyber security. The Absa Cybersecurity academy the bank is building in conjunction with the Maharishi Institute was originally a reaction to accommodate the shift to automation. It was designed to help reskill Absa employees from the Africa regions by delivering a tailor-made course in a period of 15-16 weeks.

The idea occurred to Bucchianeri that a more comprehensive offering would help the bank plug gaps in the supply of vital skills it requires in the years ahead, as well as help to make a dent in the appalling levels of youth unemployment. The academy centres its efforts on empowering marginalised youths to becoming certified cybersecurity specialists.

“It has now expanded to become a three-year course. We have tried to mix the theoretical and the practical, so it also includes job shadowing, so that as soon as they graduate students can hit the ground running with their employers,” says Bucchianeri.

The academy’s first 24 “external” cohorts completed their first year in 2019 and have progressed to the inaugural second year in 2020. “Some of the students had never touched a computer before starting the course,” says Bucchianeri.

The academy’s ambitious goal is to graduate 300 individuals a year. Discussions are taking place with partners to expand the programme.

thompsonw@businesslive.co.za

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.