Information Technology (IT) security experts on Wednesday highlighted education, awareness, capacity building and competence development as key to information security in the financial sector.
The experts sitting as panellists at a webinar organised by the Nigeria Computer Society (NCS) in partnership with Sterling Bank, this week, reiterated that adequate education and awareness would mitigate the fraud in the financial sector.
A report by the Nigeria Inter-Bank Settlement System (NIBSS) shows that at third quarter of 2023, the Nigeria banking sector lost over N9.5 billion naira to electronic fraud.
Also, a fraud and forgeries, First Quarter 2023 report by FITC, underscored the pressing need for proactive measures in the face of escalating cyber threats.
To this end, the NCS webinar which was sponsored by Sterling Bank had the theme ‘Information Security in the Financial Sector’.
Leading the discussions, Professor Adesina Shodiya, the immediate past president (IPP) of NCS said that education and awareness are very important in promoting financial security.
Sodiya said that training of the employees was vital because ‘what you do not know is bigger than you and what is bigger than you can cost one a lot’.
He said that training of employees, creating awareness and education of customers would mitigate the challenges of fraud faced by financial institutions.
According to Sodiya, digital payment is a good development because of the convenience, however, the challenge is that majority of the people using such platforms do not have sound knowledge of information security “and are not bothered”.
“The way to go is education, training and security awareness because a lot of attack is going on in the financial sector, not reported.
“Employees must have training and knowledge about best practices and such training should be done in such a way that it would be of interest to the employees.
“So, the financial industry should continue to prepare against any form of attack because we will continue to see new wave of attacks. They need all forms of mechanism to protect their systems,’’ he said.
According to the IPP of NCS, it is also very important for financial sector to conduct research so as to protect resources entrusted to them.
Dr Tombari Sibe, the lead forensic examiner, Digital Footprint Nigeria Limited, said that Ransomware has been of concern in recent times and financial services sector is the most impacted.
Sibe said that financial service sector is data-centric hence the increase in ransomware threat and vulnerability attributed to new technology trends.
“As Financial service sector and customers, these things are real and it is good to take it seriously. It is also good that NCS and Sterling Bank are bringing it to fore burner’.
According to him, there is need for education, need to know what to do and not to do such as clicking on link of suspecting source or give out information on phone.
The security expert also said that one should not hop on any free WiFi because it is easily hacked and financial vectors should take care of their enterprise; have an incidence response plan, business continuity plan, among others.
He however commended the financial sector for the compliance level with regards to the Nigeria Data Protection Law.
Also speaking at the panel discussion, Dr. Oluseyi Akindeinde, the founder and chief executive officer, Hyperspace Technologies Ltd., said that a lot of organisations have ditched capacity training for their employees due to the brain drain syndrome witnessed in the country.
Akindeinde said that the training, capacity building, competence development and education should be reintroduced.
According to him, investigation carried revealed that the human compromise is a threat to information technology security; “a lot of internal people that were trained and administrators of the information security are now out-of the country and sabotaging the system”.
He said inspite all, capacity building should be maintained and all time monitoring system should be set up.
Speaking on the need for regulation, Akindeinde said that innovations proceeds regulation and one cannot regulate what one does not understand.
He said that in trying to regulate, policy makers are over-regulating hence they (policymakers) need to have sound knowledge about technology to develop helpful regulations.
The Nigeria Computer Society (NCS) led by Dr. Muhammad Sirajo Aliyu as the president, is the umbrella organization of all information technology professionals, interest groups and stakeholders in Nigeria.
Author
