Banks, insurance companies and government institutions in Nigeria spent an estimated sum of N270.22m to prevent cyberattacks in 2018. According to a latest African cybersecurity study by Demadiur Systems Limited, some of the funds were used in the procurement of hardware and software such as Antivirus, load balancer, network access controls, among others.
The report entitled, ‘Cybersecurity skills gap’ stated that the indirect expenses were used by the companies to conduct penetration testing, audit, forensic investigations, risk assessment, compliance review and post-implementation, awareness and training of personnel. The study revealed that the companies and government establishments also used some of the funds for the technical training of workers, board members and business managers.
A breakdown of the expenses showed that banks spent $140.23m to secure their systems in 2018 while government institutions expended $130m in the same year. The President, Demadiur, Mr Ikechukwu Nnamani, while presenting the report said the country was in grave danger in terms of the ability to secure its critical national infrastructure.
This, according to him, is because one key finding was the shortage of qualified cybersecurity experts to handle the cyberthreat facing the country. Nnamani noted that as the country embraced more digital services with the prevalence of broadband connectivity, Over-The-Top applications, fintech services; Internet of Things, convergence of telecoms, broadcasting, healthcare, and the financial sectors, the threats posed by cybercriminals could no longer be ignored.
“The dire situation of Nigeria with respect to cyberthreat is further exasperated by the fact that between 2016 and 2018 the number of active telecom subscribers in the country increased from 154 million to 172 million users,” he added. “Training the Nigerian youth on cybersecurity skill presents a very viable opportunity to resolve youth unemployment while at the same time securing the country. It is on record that all certified cybersecurity experts in Nigeria are gainfully employed.
“Nigeria can take advantage of its well educated youthful population to build a strong cybersecurity workforce and become a global player in the cybersecurity space.” Commenting on the report findings, the Director, Business Development Nigeria Interbank Settlement Scheme, Christabel Onyejekwe, noted that physical and malware attacks were high last year as most hackers learnt a few illicit tricks like ‘jackpotting’, where attackers use external electronic devices or malicious software to launch attacks, which allowed them to take control of the ATM hardware.
She said a huge challenge facing the banking sector was the inadequate awareness and investment in cybersecurity, which left gaps and vulnerabilities that led to cyber-loss and fraud. She noted that the banking sector had faced numerous challenges resulting from the dearth of technical resources, low training and loss of available technical competencies to migration. According to her, there is a need for continuous drive for financial inclusion and customer education.