Kampala – Diamond Trust Bank (DTB) has been awarded the ISO 27001:2022 certification, a globally recognized standard for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS).
This milestone, the bank said, marks its commitment to safeguarding customer data, enhancing operational resilience, and minimizing information-related risks across its entire digital ecosystem.
DTB’s Managing Director, Godfrey Sebaana, emphasized the implications of getting certified, noting that the bank now joins an elite group of institutions adopting a proactive, structured approach to risk management and data protection amid a complex and evolving cybersecurity environment.
“This certification represents a key victory in our broader PRIDE Strategy, which focuses on proactive risk mitigation, operational excellence, and continuous improvement to stay ahead of emerging cyber threats,” Sebaana said.
While handing over the certificate, Mike Kamau, Managing Director of Certi-Trust, the certification body, commended DTB for its commitment to information security excellence.
“We are proud to award this certification to DTB, recognizing their remarkable diligence and foresight in securing their digital infrastructure. This achievement sets a powerful benchmark for the entire financial services sector,” Kamau stated.
Uganda’s digital transformation has accelerated, with mobile banking, internet banking, and digital wallets becoming integral to financial services. However, this shift has exposed banks to increasingly sophisticated cyber threats.
According to Uganda’s National Information Technology Authority (NITA-U), the country has seen a steady rise in cyber incidents targeting financial institutions.
Hackers are exploiting vulnerabilities in digital platforms and legacy systems, while social engineering schemes, such as fake bank alerts, fraudulent loan applications, and impersonation scams, have grown more sophisticated. Additionally, large-scale attacks like Distributed Denial-of-Service (DDoS) and data exfiltration are becoming common in the regional threat context.
Sebaana said the certification is also in response to the Bank of Uganda (BoU) guidelines on cyber security, which require banks to implement risk-based controls, conduct regular vulnerability assessments, and report major cyber incidents promptly.
“The Uganda Bankers Association (UBA), in partnership with regulators and international stakeholders, has championed industry-wide initiatives including specialized training, threat intelligence sharing, and cybersecurity simulation exercises. This can only mean that we hold our clients’ data security in high regard,” he said.
Sebaana noted that as Uganda positions itself as a regional fintech hub, cybersecurity will become an even greater priority for the entire financial services sector.
He urged banks to cultivate a deep-rooted culture of security, innovation, and preparedness by investing in next-generation technologies and embedding cybersecurity considerations into every strategic decision.