CREST, the not-for-profit accreditation and certification body for the technical security industry, has received a grant of $1.4 million from the Bill & Melinda Gates Foundation to help increase cyber security capacity in Nigeria, Uganda, Tanzania, Kenya, Ethiopia, Pakistan, Bangladesh and Indonesia. Robust growth, adoption and usage of digital financial services by the poor can help provide the means to participate in the formal financial sector, capture income generating opportunities and smooth consumption through savings and other financial products. The growing reliance on digital infrastructure and increasing sophistication of threat actors requires significant attention and investment in managing cyber risk.
The funding will support threat-intelligence led system penetration testing through a trusted provider ecosystem, to improve cyber security resilience. CREST’s mission is to help the local industry professionalise and mature. It works proactively to raise standards, define measurement frameworks and build capability, capacity and consistency. It will also work with regulators in select countries to promote a more cyber-secure and cyber-resilient digital infrastructure for banking and financial services, by advising on local standards for testing critical infrastructures.
This initiative will build on the work done by CREST in the UK with the Bank of England and in other countries such as United States, Canada, Singapore and Malaysia, where it has developed frameworks and certifications to deliver bespoke, threat intelligence-led cyber security tests that replicate behaviours of real attackers.
The funding from the Gates Foundation will also be used to build the capacity of the private sector to deliver security services in accordance with globally accepted standards and processes in the eight designated countries noted above through training and accreditations.
The funding runs over two years with an initial research and market analysis phase to identify the current cybersecurity maturity in each market. The grant will help establish five or more CREST accredited member companies in each of the designated countries and deliver 100 fully funded CREST exams and 200 with 50% funding by the end of the funding period.
“Every country across the world is under increasing threats from cybercrime. This project will help build stronger cybersecurity capacity in eight fast-developing countries,” said Ian Glover, president of CREST. “The grant is recognition of the work CREST has already done in the UK and other countries such as Australia, Singapore, Malaysia, Hong Kong and North America. It will support a dedicated research capability within CREST and help to build a robust model that can also be applied to other regions.”