Sunday, 6 January 2019

Nigeria -- Banks, PSPs race to comply with CBN risk-based cyber security framework

Central Bank of Nigeria (CBN) has released a risk-based cybersecurity framework and guidelines for Deposit Money Banks (DMBs) and Payment Service Providers (PSPs) which they must comply with by January 1, 2019.
This is in line with its new licensing regime as well as in compliance with Nigeria Cyber security act of 2015.

In a circular to the concerned organisations which accompanied the framework and guideline, CBN noted that the framework represents the minimum requirements to be put in place by all DMBs in their respective cybersecurity programmes.
In the guideline made available to Nigeria Communications week, CBN stated that: “In recent times, cybersecurity threats have increased in number and sophistication as DMBs and PSPs, use information technology to expedite the flow of funds among entities.
“In this regard, threats such as ransomware, targeted phishing attacks and Advanced Persistent Threats (APT), have become prevalent; demanding that DMBs and PSPs remain resilient and take proactive steps to secure their critical information assets including customer information that are accessible from the cyberspace.
“DMBs/PSPs should note that for a cybersecurity programme to be successful, it must be fully integrated into their business goals and objectives, and must be an integral part of the overall risk management processes.”
Ahmed Adesanya, IT Security and Connectivity Consultant, commended CBN for rising to the occasion of protecting the country’s economy with this regulatory framework.
He said that the risk-based cyber security framework and guideline have lifted the responsibility of cyber security from the IT departments of banks to board and top management issues.
“This framework will increase banks cyber security readiness in the event of any cyber-attack or electronic fraud and stakeholders in the highest authority of banks and payment service providers are now involved in addressing cyber security issues. This is a move in the right direction by CBN to protect customers of Deposit Money Banks and PSP,” he noted.
Engr. Ike Nnamani, chief executive officer, Demadiur Systems – a cybersecurity firm, said that the involvement of senior management in cyber security policies in organizations as contained in the CBN framework was listed in the 2017 Nigeria Cyber Security Report published by Demadiur Systems Limited.
“This became necessary because in the survey done in 2017 and even 2016 it was discovered that over 95% of the Nigerian business do not have a specific budget for confronting cyber treats.
Only when there is a problem that the IT team makes request for cyber security solutions and often it is not approved based on the fact that it not in the annual budget.
This has led to a situation where most organizations suffer cyber security losses that are avoidable if given priority.
“The decision by the CBN is therefore a welcomed development that will create a more secured cyber space for the country. It is recommended that other agencies and organizations adopt this policy also,” he said.

Microsoft challenges Nigeria to use technology to address unemployment

Image result for microsoft
Global tech giant, Microsoft, has challenged Nigeria to take advantage of technology to address the endemic problem of unemployment in the country.
Public Sector Government Leader, Microsoft Middle East and Africa, Salwa Smaoui, threw the challenge in an interview with our correspondent on the sidelines of a summit with government official titled ‘Re-imagining the future of Nigeria.’
Smaoui said instead of seeing emerging technologies such as Artificial Intelligence as a challenge, Nigeria could take advantage of such technologies and position its youthful population to be relevant in the emerging global knowledge economy.
 She listed cybersecurity as one of the areas where Nigeria could help to fill the gaps existing in the global pool of experts.
 According to the Microsoft egghead, a gap of 3.5 million people currently exist in cybersecurity and Nigeria can possibly exploit the opportunity through training and positioning of its youthful population to take advantage of the global skills gap in the field.
 Smaoui said that Nigeria could also be part of the forthcoming Fourth Industrial Revolution by repositioning its universities to train products that could take up opportunities that were available all over the world.
 She identified the management of energy as another area that technology could help Nigeria to reposition its economy, adding that through adequate deployment of technology, Nigeria can introduce transparency in the management of its oil and gas resources.
Smaoui said, “Digital transformation can enable a lot of Nigerians. When we talk about energy and oil; how can technology drive transparency? How can technology drive better management of subsidies to the oil companies? How can we diversify the economy so that it doesn’t stay on oil and gas?”
 She added, “Sixty five per cent of the population – they are going to school today – will work on jobs that we don’t even know. How do we prepare for that? How do we make sure that we are preparing a smart nation that will not only serve Nigeria but also serve the world?
The Microsoft leader also listed tax collection as another area that technology could help Nigeria to improve its economy. She said Nigeria could borrow a leaf from Zimbabwe which she said had leveraged the power of technology to transform its tax collection process.
She also advocated the use of cloud resources as a viable alternative to investing in data centres, adding that hybrid cloud could help any nation to safeguard its sensitive data resources.
Speaking at the event, Director- General of the National Information Technology Development Agency, Dr Isah Ibrahim, said that the Federal Government had recorded some successes in the deployment of technology to solve local challenges.
He said that the unflinching commitment of the government to stamping out the menace of corruption led to the implementation of Treasury Single Account driven essentially by information technology.