Information security stakeholders have laid out the recipe for activating a secured cyber environment for Nigeria. Speaking at the Annual Cybersecurity Conference organised by Information Security Society of Africa –Nigeria (ISSAN) on Tuesday, stakeholders from the financial and information technology sectors stressed on the need for collaboration and organisational security consciousness as means of ensuring that cyberattacks are mitigated in organisations.
In his address at the event which had its theme as ‘Cybersecurity Imperatives For Business: Practical Considerations’, ISSAN Board Chairman, and General Manager, Eco Bank, Dr. David Isiavwe highlighted the importance of cybersecurity in the wellbeing of every organisation and spoke of the need to urgently address issues around cyberattacks, especially in the financial sector.
Several cybersecurity challenges and solutions were brought to the fore at the event.
Dr. Austine Ohwobete, Managing Director, CyberTechNX, spoke about vendor risk assessment and individual management, while taking a 360o look at the organisation’s environment as a means of identifying and curbing cyber threat incidences.
Mrs. Rakiya Mohammed, Director of IT at CBN, who spoke on ‘eNaira: The Journey So Far’, reiterated the need to ensure that alternative transaction channels are created, which gave rise to the birth of the Federal Government’s eNaira.
She noted that the digital currency still need to be widely accepted hence the need for accelerated public enlightenment. “There is still a lot to be done in terms of enlightenment”.
She revealed that eNaira boast of being the 6th in global volume of transaction rating, with 12 banks currently transacting on it, and has been carefully designed with robust security features.
Similolu Akinnusi, founder and CEO of Mint FT/Innovative, spoke on the need to ensure systems are resilient to cyber attacks, and build on the principles of data pillars, which are Confidentiality, Integrity and Availability. Also there is a need for policy content monitoring.
He noted that threats are going to come worse and stronger. “The internet was originally designed to be an open system, it wasn’t meant for running the world with, so we need to think of securiring the architecture.”
Basil Udotai, former Director of Cybersecurity, NSA and Managing Partner, Technology Advisors, noted that there is a major loophole in cybersecurity in Nigeria.
He pointed out that the loophole is in certifications. “Cybersecurity is about technology, process and people. There has been process in technology and processes, but zero progress with people.”
He explained that most certifications encourage fortification of technology and processes, but do not consider certifying the human factor in cycersecurity. “If cybersecurity is about technology, process and people, the people element should be neutral to technology originators. People-oriented certifications should be commercialised.”
He further maintained that there should be local approach to our local cybersecurity issues. “The last joint to secure cybersecurity is to take the tech culture from all parts of the world and develop a cybersecurity architecture that borders on human certification.”
Mr. Harrison Nnaji, the Chief Information Security Officer (CISO) of First Bank Nigeria, listed some of the security measures to be taken by organisations to include data erasure (primary and secondary erasure), encryption, access restriction, backup and recovery, data masking, among others.
He challenged organisations to “own the data” they collect from people, and not to collect data they cannot secure. He further charged organisations to identify and classify their data for easier protection.
Speaking on “Balancing Cybersecurity & Seamless Customer Experience in the Digital World”, Prince Ayewoh, Group Head, Customer Fulfillment Centre (CFC), United Bank for Africa (UBA) Plc, noted that there is a need to engage every department in an organization to tackle cybersecurity, even the human resources and employment process.
He further challenged the CBN to make banks seat up to be proactive, rather than reactive to their security infrastructure.
In a panel discussion, the stakeholders unanimously agreed that the level of cybersecurity in Nigeria is still low, especially in organisational structures, and called for collaboration between all stakeholders in areas of data sharing and infrastructure sharing.
Data remains the most viable tool to fight cyber threats. Stakeholders maintain that shared infrastructure and data on cybersecurity will go a long way in mitigating against cyber threat. These include shared platform and shared services.
Dr. Adewale Peter Obadare, the Co-founder/Chief Visionary Officer of Digital Encode, while expressing his views at the panel session, noted the need to build cybersecurity intelligence quotient, while will comprise of Augmented Intelligence to check what is happening on the system real time, Anticipatory Intelligence to analyse what could happen, and Assistive intelligence to determine needs to be done.
He further recommended that digitisation, digitalisation and digital transformation should be addressed.
“Strike the balance between the investments in people, technology and processes to fight insider fraud.”
In her view, cybersecurity expert with Airtel Nigeria, Mrs. Joy Omoruku, tasked ISSAN to look at schools curriculum to make input that will include cybersecurity.
She also proposed that the Association look into recruiting smart students at graduation to groom them on cybersecurity practices.
Mrs. Omoruku was also of the opinion that ISSAN could set up ‘ISSAN For Students’ to equip and empower students with relevant skills, and teach them what is expected of them.