Left: Chairman, Committee of Chief Information Security Officers of Nigerian Financial Institutions (CCISONFI), Mr. Abumere Igboa; Managing Partner, Odili Okechukwu & Co., Ambrose Okechukwu; Chief Executive Officer, Cyber Technologies, Next Generation (Cyber Tech NX), Dr. Austine Ohwobete and President, The Information Security Society of Africa – Nigeria (ISSAN), Dr. David Isiavwe at the presentation of a core capability of CybertechNX in Lagos.
Cyber-security experts and stakeholders in the financial service sector have called on federal government to initiate and implement an efficient cyber-security infrastructure that would provide adequate protection for governments, organisations, and individuals in the country from palpable and ever-present cyber threats and attacks.
Among experts that gave the advice at the event with the theme: “CybertechNX Business launch and Cyber Capability Expose” was a Professor of Information Technology/Security, University of Arizona Global Campus, United States, Professor Austine Ohwobete, who is also a cyber-security expert that provides cyber-security coverage during rocket flight to the moon and back for a rocket manufacturing company in the United States of America.
Meanwhile, the President of the Information Security Society of Africa (ISSAN) and Group Head, Operations and Technology, Ecobank Nigeria, Dr.. David Isiavwe, said that evolving and sustaining premium cyber-security is very important because over $7 trillion is available to be stolen worldwide, including Nigeria, on the cyberspace.
Ohwobete, who is also the managing director of Cyber Technologies Next Generation Company Limited (CybertechNX), spoke after unveiling his cyber-security products and services to the Committee of Chief Information Security Officers of the Nigerian Financial Institutions (CCISONFI) recently in Lagos, acknowledged that Nigeria presently has a semblance of cyber-security plan, but pointed out that the plan is full of holes, gaps, and lacking in implementation timelines and milestones.
He said: “We need a national cyber-security policy and strategy that is functioning and not one that you spend money to just write on paper and let it be. Nobody hears about it. There is no organisation; no implementation environment that has been set up for its actualisation. But that is needed.
“A national cyber-security initiative will go a long way in making sure that there are frameworks and blueprints that people will need to adhere to keep their environment safe.”
He added that “at this point I think that there is a cyber-security strategy at the national level but there are a lot of holes and gaps in it and also there is a problem of implementation. For example: what is the implementation plan and what are the milestones. For now it remains an initiative that is yet to get to the level of implementation. So, we need to do that because it is critical.”
Ohwobete, who is also the chief executive office and cyber-strategist at Crypto Forensics Technologies, California, USA, introduced himself as a cyber-evangelist that would do in the country’s cyber environment what evangelists do best.
“So, starting from this point of stepping my foot into the (Nigerian) cyber security environment, I am going to start evangelising and talking to the government and identifying risk areas that governments and organisations need to look into.
“My responsibility, as a citizen, is to help identify gaps that need to be closed and internationally recognised practices and frameworks that are lacking within the Nigerian environment that are needed to be implemented.”
According to him, this has to start from the top. “The tone set at the top and the infrastructure level will determine to what extent organisations at the lower level of the eco-chain will take to make sure that they follow what is being done. So, organisations are responsible for securing their own neck of the wood. But the federal government needs to come up with cyber policies and cyber initiatives that will set the standard that organisations need to follow. That is what I think that will be done,” he said.
Also, Isiavwe, said that there is an urgent need to evolve a strengthened cyber-security system in Nigeria because of growing digitalisation of the country’s economic and social interactions as people now work from home and anyone with a smart cell phone could hop into the cyberspace from anywhere and attack nation states, organisations, and individuals.
“These meant that the threat landscape has just expanded significantly across the borders of any organisation and country,” he said.
According to him, the first thing the ISSAN is doing is advocacy. “We are engaging all key stakeholders to ensure that there is adequate constant collaboration. Everybody must work together because the entire cyberspace is as secure as its weakest link.
“We are also saying that every individual should be careful. Once a message doesn’t look right and it has a link, please do not touch the link until you have confirmed to know the person that actually sent that message. We want people to know how to protect themselves.
“Secondly, we are also taking steps to ensure that organisations also put in place the rudiments and the basics that are required to ensure that they are protected.
“Thirdly, there must be management buy in right from the board level, which I call ‘the tone at the top.’ If the board and senior management do not support it, it will just be a joke and there will be no security. Then we are building and focusing on human capacity development by engaging with experts to ensure that organisations remain secure and safe.”
On his part, Chairman, CCISONFI, Mr. Abumere Igboa, opined that there was a constant need to address the related challenges of ensuring continuous cybersecurity and data privacy through a strong national cyber-security infrastructure.
He added that lack of proper identity management framework is leading financial institutions to rely on other means for identity information such as BVN, stressing that only through concerted efforts by all industry stakeholders and government that can eliminate or reduce the activities of cyber criminals.