By Prince Osuagwu

The greatest war countries in the 21st Century currently face and must prepare to win for active participation in the global economy, is cyber warfare.

As cyber attacks increase in dimension, organisations across the globe are contending with loss of reputation, loss of customers, potential financial liabilities, regulatory notification requirements and sometimes, litigation.

Various reports both nationally and globally have raised serious concerns about the danger of cyber threats and the need for organisations to fortify their Information Technology infrastructure with effective internal controls and security solutions.

In Nigeria, business organisations, ministries, departments and agencies (MDAs) of government, are said to lose over N127 billion annually, translating to about 0.08 per cent loss in the country’s annual Gross Domestic Product (GDP).

However, experts have said that deploying  a veritable Enterprise Risk Assessment solution could help mitigate the loss.

A 2017 International Data Corporation (IDC) report, recorded that up to 62 percent of firms are attacked weekly; resulting in huge economic losses.

The report said as malware becomes more advanced with encrypted ransomware, the security breach on organisations may include loss of reputation, loss of customers, potential financial liabilities, regulatory notification requirements and sometime litigation instigated by customers.

At the Cyber Secure Conference organised by the Cyber Security Experts Association of Nigeria (CSEAN), another expert, Mr. Remi Afon quoted statistics which put the cost of cyber-crime globally at $700 billion per year.

He said the loss is projected to rise to about $2 trillion by 2019, due to the rapid digitisation of consumer lives and company records.

To address this menace, the need for organisations to assess their cybersecurity preparedness and deploy security solutions that help to identify contributing factors to the organisation’s overall cyber risk arises.

Such deployments will measure the organisation’s cybersecurity preparedness in consonance with its risks; determine risk management practices and controls that are needed for enhancement and informed risk management strategies.

Executive Vice Chairman of the Nigerian Communications Commission, NCC,  Prof. Umar Danbatta, at a cybersecurity forum in Lagos, noted that high level complexity of cyber attacks requires action at different levels, since cybersecurity has become an essential component of human activity.

According to him, “Whether it is broadcasting with digital TV or social networking, e-Commerce where you have mobile banking and financial services or e-Governance for government services management, governments, institutions and the society in general are increasingly embracing new technologies and at the same time becoming highly exposed to cyber-attacks”.

He advocated technical measures to enhance the resilience of cybersecurity infrastructure and safeguard systems against cyber attacks.

Meanwhile, a cyber security company, Nollysoft, has said that its Enterprise Risk Assessment (ERA) solution known as Tardigrade, is one of such security solutions ready to tackle cyber attacks on organisations in the country.

Chief Executive Officer of Nollysoft, Mr Sola Koleowo, said “Tardigrade Cybersecurity Assessment helps organisations identify their risks and determine their cybersecurity preparedness.  The assessment solution provides businesses with repeatable and measurable processes to inform senior management of their organisations’ cybersecurity preparedness over time”.

The ERA solution, Koleowo said, is based on best practice frameworks set by Federal Financial Institution Examination Council (FFIEC), Information Technology Examination Handbook (ITEH), National Institute of Standards and Technology (NIST), Cybersecurity Framework (CF) and International Standard Organisation (ISO 27001) and regulatory guidance.

According to him, the Tardigrade Internal Control solution enables organisations to understand deficiencies in their system of internal control to allow creation of effective mitigating controls to achieve business objectives. It is based on industry standard and best practices framework – Committee of Sponsoring Organisations of the Treadway Commission (COSO).

On the security requirement traceability matrix, Koleowo said, “Tardigrade Security Requirement Traceability Matrix solution allows organisations to effectively select security controls from standards and regulations for implementation either as a part of a Secure Software Development Lifecycle (SSDLC) or regulatory mandate.”

Subscribe for latest Videos


Comments expressed here do not reflect the opinions of vanguard newspapers or any employee thereof.