ITU's 160 anniversary

Committed to connecting the world

Digital Financial Services (DFS) Security Clinic Saint Lucia

​​​​​​​​​​​​​​​​​​​​​​Banner

The International Telecommunication Union (ITU) was pleased to invite the participants to the Digital Financial Services (DFS) Security Clinic Saint Lucia that took place on 18 November 2024 from 09h00 to 17h00 (GMT-4)​ in Saint Lucia​, Caribbean.​​

The event aligned with the 2022 ITU Plenipotentiary Resolution 204 and WTSA Resolution 89​, which advocate for the use of Information and Communication Technologies (ICTs) to promote financial inclusion. It aimed to provide key insights and practical guidance to DFS stakeholders about the best practices that need to be adopted by regulators and DFS providers to secure the DFS applications and infrastructure.

The main objectives of the DFS Security Clinic were to: 
Target audience
The main audience for the DFS Security Clinic included representatives from telecommunications regulators, national cybersecurity agencies, central banks, financial service providers, banks, mobile network operators, fintech companies, IT security solution providers, relevant government ministries, and other stakeholders.​​

Programme

09:30 - 10:00
Opening Session
10:00 - 11:00​Introduction to ITU DFS Security Lab and Knowledge Sharing Platform
This session provided a general overview of the ITU DFS Lab and the assistance that it provides to developing countries to adopt the DFS Security recommendations. This session also introduced the ITU knowledge sharing platform. The ITU DFS Security Knowledge Sharing Platform is designed to foster collaboration among regulators and other stakeholders in the development and implementation of security guidelines and best practices for Digital Financial Services (DFS).
​11:00 - 11:30​​Coffee Break
​11:30 - 13:00
ITU DFS Security Recommendations Part 1
This session highlighted the security measures to be implemented by DFS regulators and providers as mentioned in the ITU DFS security recommendations to secure the applications layer, telecom infrastructure and payment system infrastructure. In particular, the following measures were presented:

13:00 - 14:00​Lunch Break
​ 14:00 - 15:00
​​​ITU DFS Security Recommendations Part 2: Securing Mobile Payment Apps
As DFS cyber threats continue to evolve, protecting applications from vulnerabilities becomes paramount. This session explored continuous security testing and integrating security within the development lifecycle. Regulators, developers, security analysts, or IT manager, left with a comprehensive understanding of how to implement robust security measures that align with industry standards, ensuring the safety and integrity of DFS applications.

15:00 - 15:15
Coffee Break
​15:15 - 17:00
​Cyber Resilience Self Assessment for DFS Critical Infrastructure 
This session introduced the ITU cyber resilience toolkit for regulators to safeguard critical digital finance infrastructure. This session also included an exercise designed as an interactive tabletop session, where participants were organized into groups, each focusing on a distinct aspect of cyber security: Risk management, governance, testing, training & awareness, protection, and incident response.
​​17:00
Closing Ceremony​​