Ibrahim Said, a seasoned Information Security Consultant with about 10years experience providing Cyber assurance for government parastatals, Financial institutions and software companies calls on the Nigerian Government to secure its cyber space by establishing a cyber security framework to safeguard sensitive data of Nigerians in the hands of its technology vendors.
Throughout his career, Said has been an advocate for security practices to be conducted with due diligence and due care.
He opines that with the government’s reliance on third parties for the execution of most of its technology operations, it is of utmost importance that it publishes a framework to assess and monitor the cyber security posture of its third parties.
This should be adopted by all government parastatals that make use of third party vendors and be extended to all corporate intitutions that process and store personally identifiable data of its citizens.
With Africa losing about $4bn annually to cybercrime and Nigeria taking a chunk of that at $500m annually, taking into consideration that cyber breaches are grossly under reported in Nigeria, these figures might be understated.
It’s about time the Nigerian government took proactive steps to put solid cybersecurity frameworks in place to protect its technology space, he said.
Said emphasized that in recent times, cyber criminals are utilizing generative AI to launch sophisticated, precision-level attacks.
They would go for the weakest link in any technology infrastructure, which is often a third party supplier with bad security posture.
He surmised that the Nigerian government needs to establish a clear framework to augument the Nigeria Data Protection Regulation (NDPR), the government should set clear rules and guidelines for securing sensitive data and mandate security assessments of all vendors that have accces to sensitive data.
Promote regular audits to ensure government parastatals and its vendors are compliant with the framework and requirements of the NDPR. Lastly, it should develop a comprehensive incident response methodology, Incident response plan and disaster recovery standards to include procedures for detecting, responding and recovering from cyber attacks.
Ibrahim Said concluded that cybercrime is costing Nigeria a arm and a leg. The government has a crucial role to play to help mitigate this. By setting up a strong cybersecurity framework, enforcing the NDPA, ensuring continuous monitoring and regular audits.
It is time for the government to act, not just for the sake of innovation, but to safeguard the trust and security of the Nigerian people. Let’s take proactive steps now, before it’s too late.
and then