Ca­pac­ity build­ing, tool for tack­ling cy­ber­se­cu­rity —In­laks

The Punch - - INFORMATION TECHNOLOGY -

AFRICA’S in­for­ma­tion tech­nol­ogy sys­tems in­te­gra­tor, In­laks, has iden­ti­fied ca­pac­ity build­ing as a way to pre­vent cy­ber­se­cu­rity threats in or­gan­i­sa­tions.

This was high­lighted by the com­pany’s cy­ber­se­cu­rity Man­ager, Adeyemi Ade­miluyi, at the West Africa cy­ber­se­cu­rity Sum­mit or­gan­ised by Afro­cet Mont­gomery in part­ner­ship with KPMG Nige­ria in La­gos.

Ade­miluyi, who was a speaker at the sum­mit, ex­plained that with Nige­ria as the sec­ond on the list of the most at­tacked coun­tries in Africa af­ter Zam­bia in the 2017 Global Threat Im­pact in­dex, cy­ber­at­tack had be­come a global phe­nom­e­non that re­quired more tech­ni­cal, cre­ative and diplo­matic ap­proach to ad­dress.

“Ba­sic tools such as an­tivirus, fire­wall, in­tru­sion de­tec­tion and preven­tion sys­tems are no longer enough to com­bat to­day’s weaponised and so­phis­ti­cated mal­wares per­sis­tently launched by the cy­ber-ad­ver­saries. The im­ple­men­ta­tion of se­cu­rity tools is good to pre­vent in­ter­nal and ex­ter­nal in­va­sion but not panacea for cy­ber­at­tacks and cy­ber­crimes.”

He added that build­ing a cy­ber-re­silient or­gan­i­sa­tion was very im­por­tant for any or­gan­i­sa­tion that wished to sur­vive in the dig­i­tal age.

Ac­cord­ing to him, fight­ing cy­ber­at­tacks should be seen as the col­lec­tive re­spon­si­bil­ity and ef­forts of all stake­hold­ers within the or­gan­i­sa­tion and the cy­bere­cosys­tem in gen­eral.

“Since no or­gan­i­sa­tion, group or per­son is im­mune to at­tack, ca­pac­ity build­ing is key to win­ning the war and re­duc­ing the cost on cy­ber­crimes and at­tacks. Aware­ness train­ing and ed­u­ca­tion on In­for­ma­tion and cy­ber­se­cu­rity will def­i­nitely play a vi­tal role in stay­ing ahead of cy­berthieves,” he said.

“The weak­est link in the se­cu­rity chain should be mo­ti­vated, trained and em­pow­ered to be the best line of de­fence. Ef­fec­tive train­ing and ed­u­ca­tion will also help the work­ers to iden­tify threats, avoid ma­li­cious links and down­loads. The work­ers will also know their roles in the re­sponse plan and how to com­mu­ni­cate ef­fec­tively in the event of any at­tack.

“Aside from those that are in­volved in the day-to-day run­ning of the or­gan­i­sa­tion, other mem­bers of staff like the clean­ers and se­cu­rity per­son­nel need to be trained be­cause they are all part of the or­gan­i­sa­tion. Build­ing cy­ber-re­silience is build­ing a room for con­ti­nu­ity; so there is a need to em­ploy best prac­tices like in­for­ma­tion se­cu­rity prac­tices and busi­ness con­ti­nu­ity strate­gies. There must be col­lab­o­ra­tion among all, es­pe­cially the man­age­ment, IT team, in­for­ma­tion se­cu­rity team, and busi­ness oper­a­tion team to form a strat­egy that will suit the or­gan­i­sa­tion,’’ he said.

Ade­miluyi, who is the pi­o­neer pres­i­dent of cy­ber­se­cu­rity Ex­perts As­so­ci­a­tion of Nige­ria, a non-profit group of pro­fes­sion­als in the field of in­for­ma­tion se­cu­rity, said, “cy­berthreat can bring down an or­gan­i­sa­tion and cause rep­u­ta­tion dam­age. Imag­ine an or­gan­i­sa­tion that has been in ex­is­tence for over 20 years and be­cause the or­gan­i­sa­tion is be­ing at­tacked, cus­tomers de­cide to take away pa­tron­age. It is go­ing to af­fect the or­gan­i­sa­tion’s im­age, rep­u­ta­tion and per­cep­tion and can cause a huge dam­age to the or­gan­i­sa­tion, re­gard­less of the size.”

He added that In­laks had em­braced in­ter­na­tional best stan­dard to im­ple­ment the ISO27001 cer­ti­fi­ca­tion in in­for­ma­tion se­cu­rity man­age­ment sys­tem.

He said, “This means that we know the value of in­for­ma­tion se­cu­rity; we want to con­trol risks within our or­gan­i­sa­tion and con­tinue to im­prove our peo­ple, process and tech­nol­ogy.

“When it comes to mea­sures to be used to fight cy­ber­at­tack, we un­der­stand that there is a need for us to be in­no­va­tive and cre­ative be­cause cy­ber thieves are al­ways look­ing for dif­fer­ent ways to cir­cum­vent the es­tab­lished con­trol sys­tems. Our ad­vice to cus­tomers is to be ahead of cy­ber­crime per­pe­tra­tors and em­ploy a col­lec­tion of tools, poli­cies, frame­works, risk man­age­ment ap­proach and risk as­sess­ment ap­proach.”

Over the years, In­laks has built a rep­u­ta­tion as the fore­most ICT and in­fras­truc­ture so­lu­tions provider, help­ing cus­tomers ef­fec­tively seize new mar­ket and ser­vice op­por­tu­ni­ties.

Newspapers in English

Newspapers from Nigeria

© PressReader. All rights reserved.