Committed to connecting the world

ITU Council 2024 Advanced Search

DFS Security Clinic for Regulators (Telco and DFS) in Lesotho

​​​​​​Lesotho DFS

The International Telecommunication Union (ITU), together with Lesotho Communications Authority (​LCA) and Central Bank of Lesotho (CBL​), organized the DFS Security Clinic for Regulators (Telco and DFS) in Lesotho​ that took place on 16-17 April 2024, which was held online via Zoom. ​

The Security Clinic provides deep dive sessions to share insights, recommendations, and lessons from the FIGI Security Infrastructure and Trust working group to DFS and telco regulators.

Objectives
  • Providing an overview of the security threats to fintech and digital financial inclusion;
  • Identifying technical and organizational security and risk management best practices to mitigate the identified threats which are in the ITU DFS Security Recommendations;
  • Showcasing the ITU digital financial services (DFS) security lab and the practical guidance provided to developing countries for digital financial services security;
  • Exploring the ITU Cyber resilience assessment toolkit so regulators can self-assess the cyber resilience of critical infrastructure for digital financial services.

Target audience
  • The DFS Security Clinic is targeted at representatives from telecommunications regulators, national cybersecurity agencies, Central Banks.
  • Knowledge share among DFS stakeholders in Lesotho to advance digital financial inclusion for all.


Draft Programme


Day 1: 16 April 2024 ​

​​​​10:00 - 10:10
​Welcome and Introductions
​10:10 - 11:10
​Introduction to ITU DFS Security Lab and Knowledge Sharing Platform 

This session provided a general overview of the ITU DFS Security Lab and the assistance that it provided to developing countries to adopt the DFS Security recommendations. This session also introduced the ITU knowledge sharing platform. The ITU DFS Security Knowledge Sharing Platform was designed to foster collaboration among regulators and other stakeholders in the development and implementation of security guidelines and best practices for Digital Financial Services (DFS).
11:10 - 11:20​​Coffee Break
11:20 12:20 ​DFS Security Assurance Framework 

This session discussed the DFS security assurance framework that could be implemented by DFS providers to better manage the risks and mitigate their impact.
​​Related Reports:

Day 2: 17 April 2024 

10:00 - 11:00
​DFS application security best practices and DFS Application Security testing

Following up on the ITU DFS security recommendations on Day 1, this session continued the elaboration of the security control measures to the application layer. As DFS cyber threats continued to evolve, protecting applications from vulnerabilities became paramount. The DFS application security best practices included in the ITU DFS security recommendations were adopted by regulators to establish a minimum security baseline for DFS providers to build in security at the design phase. This session explored the security tests that were conducted in the ITU DFS security lab to verify compliance of mobile payment apps against the Security best practices.

Speaker: Arno​ld Kibuuka, Project Officer, TSB, ITU
​11:00 - 11:10
Coffee Break
11:10 - 12:00​
ITU​ DFS security recommendations

This session presented the security measures from the ITU DFS security recommendations to be adopted by DFS regulators and providers to secure the telecom infrastructure and payment system infrastructure. In particular, the following recommendations were presented:
Related Reports:
12:00- 12:30​DFS Cyber Resilience Framework 

This session introduced the ITU DFS cyber resilience toolkit for regulators to safeguard critical digital finance infrastructure. 

​​​​.
​​​






© ITU All Rights Reserved

Back to top