Cybersecurity experts have advised Nigerian businesses to be watchful and proactive in protecting their businesses against cyberattacks.
They gave the advice while speaking during the ongoing 2-day ‘ThinkNnovation Cybersecurity Conference 2022’, organized by FITC in partnership with the Nigeria Inter-Bank Settlement Systems (NIBSS).
The experts warned that cyber-attacks against businesses are no longer a matter of ‘if’ but that of ‘when’. This is because cybersecurity threats are on the rise around the world, even as hackers continuously look for loopholes in the security architecture of businesses.
To this end, the experts warned that cybersecurity is no longer an issue that should be left to the IT personnel alone. Instead, it has become a problem which every company’s board of directors should strategise to prevent.
What they are saying
One of the panellists at the conference, Chimaobi Ezeibe, who is a Partner (Technology Risk Consulting) at KPMG Canada, said:
“Cyber risks are no longer a technology problem, it is a board-level problem. It is something that is evolving faster than people are adjusting to, and everybody is just playing catch up.
“Cyber-attacks have become so complex and so structured such that we now have state actors. Some hackers are being funded by governments to carry out attacks. This is more than a man with a briefcase and a laptop with access to the internet. It is becoming the new oil and gas and it has been projected to become more profitable than drug shipping by 2025.
This is why every business must be proactive about cybersecurity. We don’t want to be pushed by circumstances to make a decision. Let the experience of the COVID-19 pandemic be a warning; let’s be deliberate.”
Another panellist Opeyemi Onifade, a Practice Leader at Afenoid Enterprise Limited, said:
“Cybersecurity has become a business risk, if you don’t focus on it at the board level, your organization will not survive. It is not a question of if you will be attacked, it is a question of when. So, organizations have to be ready.
“Most of what our organizations do today in terms of cybersecurity is just to achieve regulatory compliance. It is more than that. We have to move from compliance to maturity. There should be an incidence response plan and the right people to execute it. You should also have good practices in place.”
He further noted that the increase in cyberattacks is fueled by the vulnerabilities in the security architecture of businesses.
“The more vulnerabilities you have on your system, the more attractive you are as a target for attacks. We talk about controls and compliance and all of that, compliance is very important, but compliance cannot be the basis for your cybersecurity strategy,” he said.
What you should know
- Businesses are losing billions of dollars to cyberattacks yearly, even though organizations are spending more on cybersecurity.
- In 2021, the total losses incurred by companies to ransomware attacks were valued at $21 billion, according to information shared at the conference.
- A global cybersecurity firm, Sophos, in its ‘State of Ransomware 2022’ Report disclosed that 71% of Nigerian businesses were hit with ransomware in 2021, up from 22% in 2020.
- The report revealed that 40% of the organizations that had data encrypted paid huge ransoms to get their data back, even when they had other means of data recovery such as backups.