“We are helping to fight cyber security”
KPMG recently held a ‘Pan African Cyber Security Conference, in Lagos on the increasing financial risks faced by institutions in Africa. Joseph Tegbe, Partner and head, Technology Advisory, KPMG Nigeria and lead Cyber Security Growth Initiative Strategic Implementation team for KPMG in Africa spoke with Seyi John Salau, on Cyber Security exposure in Nigeria.
What is the relevance of cyber security in Nigeria today?
I know a lot of people think because Nigeria is not as technologically advanced, as other developed countries, cyber security might not be very relevant. It is relevant to start with, it is relevant and it will continue to be relevant as technology development is on the upward swing. If you look at statistics from the World Economic Forum’s Global Risk Report, you will see that we are all networked now, somebody can actually seat in North Korea and be able to hack into your system in Nigeria effortlessly and we are seeing that on the increase. Also there is a report recently that actually say that as at 2016 almost 430 million new malwares were discovered alone in 2016. This is a 2016 report that shows an upward swing of 46 percent from what was discovered in 2014. Interestingly, the Microsoft version you run on your system in Nigeria is not different from the Microsoft elsewhere, so when you have a part or you have an issue, you see that it is global and if somebody is going to hack into a system easily, vividly they can also do the same to your system in Nigeria. So what am basically saying is that cyber crime alone, when you look at cyber crime globally, and again look at the North Korea story, the North Korea allegation – the attack is not only on developed countries, Nigeria financial institutions were also alleged and it was alleged that they were actually looking for spasms to fund their nuclear acquisitions. So I will say today organizations in Nigeria are facing cyber risk, we are seeing lots of institutions facing cyber challenges, and it will continue to be on the increase, fraudulent transactions on online banking platform will continue to happen and we see those practice of fraudulent transactions that are happening. So that is why it’s obvious that Nigeria business eco system is not insulated from challenges that are being faced by businesses across the globe, and we will continue to see that on the increase. Either we like it or not internet, connectivity, network eco-system will continue to evolve in Nigeria and as long as we remain a global world, we will continue to be exposed.
What is the role of KPMG in fighting Cyber Security in Africa?
In the case of cyber fraud in Africa, everybody have a role to play in all this. Journalists have a role to play because it is all about self-denial, cyber fraud will continue to be on the increase in Africa. But, it also rest solidly on the organisations, financial institutions, government agencies to be forward thinking with a need to be proactive; what we find out in Europe and America today is that they are building cyber army, cyber army in Europe and America is that they have realise that cyber war is so much quoted than the physical fight, and we have seen in the recent election in America, it almost happened in Austral and it was about to happen in Japan, and now things are stabilizing. Fighting cyber fraud in Africa, we need to create awareness; everybody including journalists should help in providing information on cyber security. We at KPMG as a consulting firm, we are helping to fight cyber security; first by increasing awareness, we are helping by getting our clients together to marshal their action plans to address a lot of issues in regard to cyber fraud, we are helping clients to improve their strategy and we are also helping clients to build resilient over time to be able to ward off cyber fraud. The most significant thing that we have achieved in the last few months or year is how we have been able to get organisations in Africa and Nigeria to push cyber security discussions from the level of technology operational perspectives to a top-level discussion. There are also regulatory provisions today, if you look at the financial institutions, there are several provisions that addresses these changes. So regulators will have to play their roles, institutions will play their roles, government agencies will also have to play their role, we as consultants have to play our role.
Currently, what is the level of Cyber risk exposure in Nigeria?
The level of risk in Nigeria, can I put a measure to that; however if you ask me as we speak today – if I put it on a level of high, medium and moderate across all industry today, I would say moderate. Because when you talk about organisations today, are we seeing fraud attacks, are we seeing hacking on a daily basis, yes. When you look at financial institutions, we still have a lot of people that are still outside the banking system, it’s only in Nigeria that we have people keeping their money in their house; all the allegation about somebody finding 100 / 200 million dollars cash in a building, but why am I saying this – whether we like it or not we are still going to network because it is efficient, it is safer, it is cost effective to be networked. Today you will either buy a bundle from the network providers like GLO, MTN, ETISALAT, that gives you discount calling your family, so those are the attraction that will continue to happen, now the key issue is that the possibility for moving from moderate to high are there, and that is our fear. The risk of moving from moderate to high without even experiencing medium is the biggest risk that we have because what you will see is that technology adoption is on the increase. The level of technology adoption in Nigeria is very high; remember the recent Google article that actually prompted investigation into Yola when they saw the feeds, and wondering how come you have so much internet users concentrated in a particular area in Africa, and they saw that lot of people were having access to the internet around the University in Yola. So, what you find out is that the population is also a factor in Nigeria, so the risk that we have is the possibility of us moving from moderate to high risk without necessarily taking deliberate steps to address them. That is why we are creating awareness, getting our clients and organisations together to discuss the issues of Cyber Security in Africa in the KPMG Pan African Cyber Security Conference.
As a way of introduction, can you tell us more about yourself, and what you do?
I am Joseph Tegbe, and a partner in KPMG, I lead the technology advisory practice, I also lead the market function in Pan African Cyber Security Conference KPMG Nigeria, my background, interestingly – I have a background in Engineering, became a Chartered Accountant and still planning to study Law but, I started my career first as a tax consultant, grew to become an auditor and then became a management consultant, and in the last couple of years I have been a partner here for about 16years, this is my 28th year in my career consulting. Bulk of what I have been doing is PRP implementation systems / systems implementations. I lead a theme of about 100 people that vividly focuses on technology on one side and on the other side; I lead another theme, which involves market and projecting the line of business. I equally lead the Cyber Security Growth Initiative Strategic Implementation team in Africa.