Tony Anscombe, chief security evangelist at global cybersecurity firm ESET, argues that the time for viewing cybersecurity as a defensive silo is over.

Instead, businesses must treat cyber risk as a fundamental commercial risk, akin to the way South African organizations manage physical infrastructure redundancies like solar power and backup generators.

The Grudge Purchase Fallacy

For many organizations, cybersecurity is still viewed as a “grudge purchase”—a necessary but unwelcome expense. Anscombe highlights a common boardroom scenario that illustrates a dangerous misunderstanding of financial exposure.

“Imagine a boardroom where a CISO requests a R10-million budget based on detailed threat modeling, but the board only approves R6-million,” Anscombe notes. “That R4-million difference is not a saving for the business; it is an unmitigated financial risk that the business has chosen to absorb.”

This perspective shifts the focus from technical vulnerabilities to bottom-line exposure, requiring C-suite executives to translate patches and firewalls into acceptable risk.

Defining Appetite for Risk

Using a casino analogy, Anscombe explains that cybersecurity is not a binary “safe or breached” status. It is entirely dependent on an organization’s specific appetite for risk. While some may take high-risk gambles with their data, others spread their “bets” across multiple defensive layers.

For major financial services institutions, this challenge is compounded by Technical Debt. Many organizations rely on complex legacy systems that are functionally essential but technologically unpatchable.

“The discussion shifts away from patches to asking how to best segment and protect a vulnerable old heart with a modern shield,” says Anscombe. This, he argues, is a strategic architectural decision rather than a simple software installation.

The Cost of Hyper-Aggressive Security

One of the most overlooked aspects of digital defense is the hidden cost of friction. While a lack of security leads to breaches, hyper-aggressive security can lead to false positives, where security software blocks legitimate business activities.

In high-volume environments like trading floors or e-commerce hubs, a disruption of just a few minutes has a quantifiable financial cost.

Anscombe suggests the blueprint for Good Security is a light touch approach that:

• Works Invisibly: Boosts commercial ROI without eating into daily profits.
• Uses Intelligence-Driven Context: High-quality platforms that understand user behavior.
• Reduces Friction: Only interrupts the user when behavior is genuinely suspicious (e.g., detecting logins from two different continents within minutes).

Interrogating the Substations

Drawing a parallel to the infamous Heathrow Airport power outage, caused not by a core system failure but by a neglected utility substation, Anscombe urges leaders to look beyond their own walls.

The modern business risk profile includes:

• Third-party vendors
• Integrated supply chains
• Legacy applications

No Finish Line

The core message for the Nigerian and South African business ecosystems is clear: cybersecurity is a continuous, boardroom-led exercise.

“There is no finish line in cybersecurity,” Anscombe concludes. “You cannot arrive. All you can, and should, do is strategically and tactically plan your race according to the risk you are willing to take on board.”

The post Tony Anscombe on Why Cyber Resilience is Now a Boardroom Exercise in Risk Tolerance appeared first on Tech | Business | Economy.

His keynote titled “Securing Digital Economy: Strengthening Infrastructure and Harnessing the Power of Artificial Intelligence”, was more than a technical presentation; it was a call to secure Nigeria’s digital destiny.

Inuwa began with a sobering truth: as Nigeria’s digital economy accelerates, so do the threats that accompany it. “Cybercrime now costs the world over $10 trillion annually, making it the most lucrative form of crime globally,” he said, citing the World Economic Forum’s ranking of cybersecurity among the top five global threats. “Our strategies must evolve beyond physical protection.”

For Nigeria, the stakes are high. The ICT sector contributes about 17 percent to the national GDP, while the broader service sector, powered largely by digital technologies, accounts for nearly 58 percent of economic output. “The digital economy is the heartbeat of our development agenda,” Inuwa noted. “Every sector now runs on technology, from banking and education to healthcare and transportation.”

Yet, with Artificial Intelligence (AI) transforming how we live and work, the DG warned that it has also reshaped the cybersecurity landscape. “AI enhances productivity and innovation, but it equally empowers cybercriminals with precision tools to execute sophisticated attacks,” he explained.

To stay ahead, Inuwa stressed that security must be embedded into digital infrastructure from the foundation. “Digital infrastructure now goes beyond servers and networks, it includes utilities, telecommunications, and even autonomous vehicles. If a hacker gains access to an autonomous car, the consequences could be disastrous,” he said.

He outlined three core components of AI systems, data, compute power, and algorithms, all of which must be protected to maintain trust and resilience. “If any of these are compromised, the entire system becomes vulnerable,” he cautioned.

But even as technology evolves, human behavior remains the weakest link. “Globally, human error accounts for 90 to 95 percent of cyber incidents,” Inuwa said. “Cybercriminals exploit human weakness because it’s easier to manipulate behavior than to break through advanced systems.”

To address this, NITDA’s cybersecurity strategy rests on four strategic pillars:

1. Governance: anchored by the Cybercrime (Prohibition, Prevention, etc.) Act, now updated to reflect emerging threats. A Presidential Executive Order has also designated critical digital information infrastructure as national assets, “a milestone that allows our cyberspace to be recognised and protected as a national highway.”
2. Capacity Building: tackling the global shortage of cybersecurity talent, currently 4.4 million professionals short worldwide, including 140,000 in Nigeria. Through the 3 Million Tech Talent (3MTT) programme and the National Digital Literacy Framework (NDLF), NITDA aims to empower young Nigerians with digital and cybersecurity skills, targeting 95 percent digital literacy by 2030.
3. Incident Management: led by the National Cybersecurity Coordination Centre (NCCC) under the Office of the National Security Adviser (ONSA), with sectoral CERTs across finance, communications, and law enforcement ensuring rapid and unified responses.
4. Collaboration: fostering partnerships with the African Union, Smart Africa, international CERTs, and global tech giants to enhance collective defense mechanisms.

He further revealed that NITDA, in partnership with ONSA, is developing a National Cybersecurity Architecture to promote accountability, information sharing, and unified national defense.

Inuwa closed with a message to all Nigerians, one rooted in personal responsibility.

“Cybersecurity is not just about technology; it’s about people. Every Nigerian has a role to play. Use strong passwords, enable multi-factor authentication, avoid phishing scams, and report cyber incidents promptly. Together, we can build a secure and digitally resilient nation.”

By investing in infrastructure, human capital, and innovation, NITDA is shaping a future where Nigeria’s digital economy thrives, securely and sustainably.

The post Securing Nigeria’s Digital Future: How NITDA is Building Cyber Resilience in the Age of AI appeared first on Tech | Business | Economy.

The conference, centred around the theme “Leveraging AI for Cyber Resilience: Building a Secure Future Bridge” will take place at the prestigious Ballroom at the Palms Hotel in Abuja, on September 25th and 26th, 2024.

Cyber Secure Nigeria is an annual event that brings together cybersecurity professionals, policymakers, industry experts, military personnel, security enthusiasts, students, and other stakeholders to address the latest trends, challenges, and best practices in the field of cybersecurity.

As an initiative by CSEAN, the conference aims to foster collaboration, knowledge sharing, and innovation to enhance cybersecurity measures and promote a safer digital environment in Nigeria.

The 2024 edition of Cyber Secure Nigeria will delve into the huge potential that Artificial Intelligence offers to the cybersecurity industry and its impact on the cyber capabilities of our organisations and country. With the rapid digitization of various sectors and the increased reliance on digital technologies, cybersecurity has become a fundamental pillar of national security and economic stability.

The sub-themes for the conference include:

1. AI and Human Security
2. Digital Economy with AI
3. AI-Aided Government
4. AI in Cyber Warfare
5. Securing Critical Infrastructure with AI
6. AI-Assisted Cybersecurity Technologies Human-AI Collaboration in Cybersecurity
7. AI for Countering Social Engineering and Disinformation
8. The Future of AI and Cybersecurity
9. Security of Things/Internet of Things

AI-Powered Cybersecurity Solutions Cyber Secure Nigeria 2024 will feature renowned international and local experts as keynote speakers, panellists, and workshop facilitators. Attendees will have the opportunity to engage in interactive sessions, participate in hands-on workshops, and network with industry leaders, fostering collaboration and knowledge exchange.

This year’s conference coincides with the 10th anniversary of this impactful organization, and will be preceded by celebratory activities across our various branches. The event will close with the 2nd edition of our Cybersecurity Merit Awards, which starts at 6pm on the 26th of September 2024.

“We are thrilled to organize the Cyber Secure Nigeria 2024 Conference in our continuous efforts to promote cybersecurity and create a safer digital environment in Nigeria,” said Ade Shoyinka, President of CSEAN.

“By bringing together cybersecurity professionals, policymakers, thought leaders, and key stakeholders, this conference seeks to spark meaningful discussions on how AI can be leveraged to strengthen cyber resilience, also advancing the exchange of innovative ideas and strategies that harness the power of AI to safeguard the future of our digital ecosystems.”

The Ballroom at the Palms Hotel in Abuja, known for its luxurious facilities and serene environment, is the venue for this prestigious event. Its commitment to excellence aligns perfectly with the goals of Cyber Secure Nigeria 2024 conference.

How to Register

Registration for the Cyber Secure Nigeria 2024 Conference is ongoing. Apply via the conference website to secure your spot today.

The post CSEAN Unveils Cyber Secure Nigeria 2024, 2nd Cybersecurity Merit Awards appeared first on Tech | Business | Economy.