By Charles Mgbolu
Information Security Consulting firm, Global Info Swift (GIS) has partnered Security Technology Group STG in a bid to strengthen information security controls of financial institutions in the country.
This is against the backdrop of the mandate from the Central Bank of Nigeria to all banks to get their information security management systems certified by 2015,.
According to Mr. Afolabi Oke, Executive Director, GIS “In the wake of cashless society, we have to start embracing technology which comes with a lot of risks, these security certification procedures ensures that we protect the information access within our financial institutions. It means we have to standardise to international practices.”
Mr. Oke explained that when the entire financial sector complies, it makes it very difficult for hackers. “One of the requirements of ISO, is you must do what we call a variability assessment test, where you test your system and determine how to mitigate the risks that you have identified , with the test you know how strong your website is particularly with banks”
Mr Daniel Britz, CEO Security Technology Group explained that the certifications aim for sector leaders “If we want to get everybody to comply we cannot start at the bottom. If we make the big organisations comply with these standards, they will in turn force their vendors or agents to comply too to standards. It trickles down from there.”
“There must be no weak link in the sector,” says Mr Oke. “It is important that they all certify. The first line of defence is external, institutions must have access control, you must be able to ensure only authorised personnel ply within your operating systems. Many years ago, 419 used to be the talk of the day but now, gradually, you don’t hear about it again because people are becoming much more aware of how they can protect their information.
Because of this awareness a lot of organisation have been able to strengthen their internal processes . That is why the Central Bank insisted on getting certified as a regulator.