• Tuesday, June 25, 2024
businessday logo


From credit to cyber, RIMAN lists top business risks


In the last two decades, the risk to Nigerian businesses has evolved from traditional loan repayment default to the prominent cyber-hacking and identity theft, according to Magnus Nnoka, president, Risk Management of Nigeria (RIMAN), during a courtesy call to BusinessDay ahead of their annual national conference on risk management in digital era.

With companies identifying new ways to grow their businesses, digital transformation has become top priority on the corporate agenda as opportunistic cyber-criminals remain very active.

The COVID-19 pandemic has quickened the pace of digitization globally as most economies have been forced to move online, thus increasing cyber-security threats in Nigeria.

Due to rapid digitization, hackers have exploited this opportunity to attack the digital infrastructure of Nigeria. Nigeria, including other South African states, lag when it comes to digital security, thus making them a favorite target for cyber-criminals across the globe.

Read Also: RIMAN opens discussion on risk management in a Digital era

Considering the current situation, companies need to beef up their cyber-security measures and use online privacy tools like VPNs to secure company data from hackers.

These threats are not only at the national level but also at the individual level in Nigeria. The top six major cyber-security risks facing the Nigerian economy in 2021 and beyond include: Cloud vulnerability, IoT (Internet of Things) attacks, which consist of remote work challenges, 5G-to-Wi-Fi challenges, ransomware attacks, Weak passwords and two-factor authentication.

Kaspersky researchers have warned that although Africa is not necessarily considered a focus area for the more sophisticated types of cyber-criminal activity such as targeted attacks or advanced persistent threats (APTs), the continent is certainly not immune to these or other types of cyber risks.

David Emm, the Principal Security Researcher at Kaspersky, stated, “Generally speaking, and based on our research, Africa has the same hit rate as we would see for other parts of the globe when it comes to cyber-attacks and activity. This only emphasizes that the cyber threat landscape truly does incorporate the whole globe where no continent or country is free of this growing danger and where all consumers, businesses and industries alike need to pay attention to effective cyber-security measures – and especially during the current pandemic and resultant turbulent times.”

Kaspersky’s research identified the top malware families as ransomware, financial/banking trojans, and crypto-miner malware. When comparing Q1’2021 with Q2’2021, Kaspersky saw a 32 percent increase in ransomware and financial/banking Trojans in Nigeria during the Q2’2021.

Emm further stated that “…another concern is that as the cyber-threat landscape evolves, the nature of malware is changing”.

“The financial services sector remains a top targeted industry in Nigeria when it comes to cyber-criminal activity and such cyber-threats are not surprising when one considers the digital first approach this sector continues to take, driven by the needs and expectations of its customers,” Magnus said.

The “IT Security Team: 2021 and Beyond,” survey by Sophos showed that a vast majority of IT teams in Nigeria faced a rise in cyber-attacks (87%) and a heavier security workload (91%) over the course of 2020 strengthened their security skills and knowledge.

Despite the challenges created by the pandemic, 52 percent of the IT teams surveyed globally, said team morale increased during 2020.

Magnus went further to identify other top risks that could threaten Nigerian businesses. He listed them in order of hierarchy from climate change (environmental and social risk) to socio-political risk to investment risk and finally regulatory risk.

He also stated that management of cyber risk in Nigeria could only be handled from an organizational stand-point (individual organizations) and not at a national level. He also stated that the organizations must have the capacity (cyber-professionals) to handle it, saying, “You cannot call a plumber to repair doors in a house; if such is done, then catastrophe is imminent.”

He however specifically hammered on the issue of awareness and vulnerability assessment, which involves the consultation of third parties into the fray to enable concise assessment.

According to the general secretary RIMAN, Adesoji Olasoko, the CBN gathers information and experiences of cyber-attacks from various institutions and disburses such information to other financial organizations in order to raise awareness.

“The year 2021 will prove to be very challenging for Nigerian cyber-security. According to last year’s statistics, it seems like security will be a significant concern for Nigeria”, Adesoji said.

“In a world where cyber-crime remains rife and is only fuelled by aspects like the pandemic, there is never a moment one should not consider the implications of a cyber-attack, especially as the cyber-threat landscape evolves and become even more targeted and sophisticated than it was a mere few years ago,” Magnus stated.

“Cyber-crime is a business. This means that consumers and companies alike must remain vigilant against an increasing attack surface. Not only does this entail a more focused cyber training approach for staff within an organisation, but also using the latest technologies that feature artificial intelligence and machine learning for accurate and proactive protection and prevention in real-time,” Adesoji said.