Information and Communications Technology is quiet misunderstood. No
only 30 % of ICT projects always succeeded in the long term.
On 2/1/19, Patrick A. M. Maina via kictanet
<
kictanet@lists.kictanet.or.ke> wrote:
> There's a funny corporate culture that I have observed in Kenya that could
> shed some light on why local IT systems appear so vulnerable: TALENT
> COMMODITIZATION.
> Take the banking industry for example, I recall a while back seeing some
> chatter on twitter about how big brands UNDERPAY key IT staff (I.e. the
> hands on technical staff like sysadmins / app admins / dbadmins & devs) in
> order to "save" on manpower costs. In this day and age that is not an
> intelligent thing to do.
> Others assume that outsourcing to India will magically solve for costs,
> quality and security. I have worked on projects with "world-class" offshore
> teams and what I saw was a minefield of HIDDEN COSTS if you don't have your
> own savvy supervisory / QC team.
> Then there is the "contract fixes everything" fanatics. Contracts mean
> nothing if you can't detect shoddy work - and if going to court after the
> fact is almost impossible given risks of PR blowback (in image sensitive
> industries). In many cases such contracts are just for CYA (avoiding blame
> or passing audit reviews).
> Some tradition-heavy institutions still put IT under Finance directors / VPs
> or GMs instead of having IT representation at board level. This makes it
> hard for IT to push back on top-down "spreadsheet inspired" directives. You
> don't increase shareholder value by setting up your critical functions for
> downstream failure (or putting the entire org or at risk just to hit annual
> growth targets).
> Beefing up the Infosec unit is pointless if the underlying architecture is
> full of holes. There is only so much duct taping that can be done. Worse if
> that team is underpaid as well.
> It's also interesting that many local companies don't have a "specialist
> path" for technical talent advancement. This limits the political/decision
> making clout for technical talent as well as limiting their personal growth.
> Hopping / side hustling / track switching (e.g. to management) is the end
> result.
> These mistakes have cost the financial industry (for example) a whopping
> 17BILLION in potentially avoidable losses (and still counting).
>
> So much for HR "cost savings". :-/
> I think the Infosec crisis in Kenya is just a SYMPTOM of bigger
> "organisation and culture" issues - and short term thinking is right at the
> heart of it.
> "Financial institutions in Kenya have recently become a soft target for
> cybercriminals, with police records showing that they lost about Sh17
> billion to the fraudsters in 2016, up from Sh14 billion in 2015."
>
https://mobile.nation.co.ke/business/Police-probe-130-bank-cyber-fraud-suspects/1950106-4959008-12vounp/index.htmlBarrack O. Otieno