ICT Clinic (Punch Newspaper)

Improving cybersecurity consciousness [ICT Clinic]

I am a committed advocate of technological advancement and development in Nigeria because I regard it as one of the sure ways of dealing with the hydra-headed problem of corruption and other vices. However, at the back of my mind, I understand the risks associated with such advocacy and that is the possible catastrophe ahead, if we don’t get the cybersecurity consciousness of all stakeholders including the users to an above average level.

A statement released by the President, Cybersecurity Experts Association of Nigeria, Remi Afon, reads, “Nigeria has become more vulnerable to various cyber-attacks with no adequate controls and legal framework in place to combat this menace. The increase in cybercrime in Nigeria can be attributed to lack of policy direction and leadership by the government to combat the scourge. While cybercriminals are collaborating, sharing information and providing 24/7 support services in the dark web on various cybercrime activities ranging from malware creation, compromised passwords sale, zero-day vulnerabilities, the government and private sectors in Nigeria are working in silos.”

Now, what I find most worrisome is that in many cases of breaches, the weakest link is always a human being. For attacks on organisations, the hackers usually try to target an individual in that organisation. The big question is — What can be done in such a situation? One important measure is to device possible means of preventing hacks into their systems, by setting up measures that are capable of combating such breaches. Put simply, there are ways an individual can better protect his/her information from getting breached. A very fundamental way to do this, which should be known to average Internet users, is to avoid using the same password across all your online platforms. This is to avoid a situation, whereby, all your online accounts can be compromised, once one of your online accounts gets compromised. By having different passwords for each of your online account, you have the assurance that your other accounts remain largely safe, as the hackers cannot gain access to them.

I will like to consider the views of some experts on this matter. Braden Perry, a cybersecurity expert, gave his overview and one of his postulations is that, traditionally, IT was not understood initially, by many companies, especially, by their top management. The role and responsibility of IT departments in some of these companies, did not get the much deserved support. After the various incidences of cyberattacks, there now appears to be an increased understanding between the IT departments and management.

The top management cadre of many companies now mostly have renewed interest in their IT departments and they have, of course, been looking at the need to get updated resources that will keep the organisation and its data safe. Sadly, a number of companies are, however, still paying less attention, when it comes to upgrading their information security system. They may, however, have cause to regret their nonchalant attitude towards ensuring the establishment of tight security measures in order to protect their online data from the prowling hackers.

Companies should realise that upgrading of security is paramount in the fight against cybercrime. Whenever a cybersecurity company rolls out an upgrade on any of its security products that the company is utilising, ensure that you carry out the upgrade. This is because failure to constantly upgrade as and when due, renders your security obsolete in no time and exposes your online data to vulnerabilities from hackers.

From observations, board members, who are sometimes part of top management, tend to discard issues that they are not familiar with. For instance, — Finish Reading on the Punch