The session themed “Beyond Compliance: AI-Powered Resilience for Nigeria’s Financial Future” held on Wednesday this week at The George Hotel, Ikoyi, Lagos.

Delivering the keynote address, Francis Ofungwu, chief executive officer, DevSecFlow, noted that the future of cybersecurity in Nigeria lies not just in regulatory compliance but in building intelligent, responsive systems that understand our local context and respond with speed, scale, and precision.

According to Ofungwu, DevSecFlow has developed an advanced Security Operations (SecOps) platform (SECOYA), designed to help financial institutions and highly regulated organizations streamline their security operations through intelligence, clarity, and control, in response to the increasing complexity of cyber threats facing Nigeria’s digital economy.

“The SECOYA platform handles critical cybersecurity functions such as threat hunting, incident response, and alert triage with greater accuracy and endurance than human analysts. It reduces manual workflows, provides 24/7 protection and still requires human oversight and governance to ensure transparency and ethical safeguards,” he said.

Speaking on the broader challenges in Nigeria’s cybersecurity ecosystem, Abdel Sy Fane, co-founder, DevSecFlow, said SECOYA was built to address these issues by embedding security seamlessly into existing workflows and powering it with AI that understands both user behaviour and operational context.

Fane added that SECOYA’s SecOps automation capabilities enable teams to focus on real threats, while its accessible design ensures that even SMEs with limited resources can deploy enterprise-grade protection at scale.

“We built SECOYA to solve the trust and collaboration gaps we kept seeing across tech teams. Real security does not just come from tools, it comes from understanding how people work and then designing systems that support and elevate them without getting in their way,” he said.

The event also featured a panel session moderated by Ofungwu, which had an impressive list of cybersecurity leaders from some of Nigeria’s top fintech companies.

The discussants included Ebuka Onyejegbu, Senior Business Relationship Manager, Moniepoint; Demi Babajide, Back-End Developer, OPay; Paul Oludele, Information Systems & Security Manager, PalmPay; and Sopriye Iketubosin, manager, Information Security, Kuda MFB.

Onyejegbu highlighted the ongoing transition from rule-based systems to AI-driven threat detection, noting that while AI adoption is on the rise, effectiveness depends on thoughtful, contextual integration.

While Babajide, on his part, emphasized the importance of multi-layered AI systems built with prevention at their core, underscoring the value of proactive security engineering from the design stage.

Bringing different perspectives to the discourse, Oludele focused on how AI is enhancing user security and the end-to-end user experience, while Iketubosin stressed the need to shift human involvement from manual detection to strategic oversight and governance.

He echoed the consensus that AI-driven systems when allowed to operate at scale can significantly improve efficiency, reduce incident response times, and enhance overall security outcomes.

The 2024 Arctic Wolf Security Operations Report sheds light on the key trends shaping the modern threat environment and provides actionable insights for businesses to enhance their cybersecurity postures.

Troye technical director Kurt Goodall says one of the dominant themes in this year’s report is the evolving nature of cyber threats.

“Despite the rapid advances in technology, tried-and-true methods like social engineering and exploiting unpatched vulnerabilities remain incredibly effective.”

“In fact, Arctic Wolf’s observations indicate that exploitation of known vulnerabilities with available patches outnumber the exploitation of zero-day vulnerabilities by 7.5 times,” he adds.

Furthermore, the report highlights a disturbing trend of increased phishing activity, with a notable 500% spike observed in just one month.

Attackers continue to exploit world events, political upheavals, and natural disasters to lure unsuspecting victims.

In April 2024 alone, phishing attempts surged by 150%, coinciding with major political announcements and occurrences as well as ongoing conflicts Russia-Ukraine and Israel-Hamas conflicts.

In addition, Arctic Wolf’s 2024 SOC report highlights the critical need for 24×7 security operations, with 45% of the security alerts issued by their SOC being generated outside of regular working hours and 20% occurring on weekends.

Identity: The emerging battleground

Identity and access management (IAM) telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations by the Arctic Wolf SOC.

Unauthorised credential usage and account takeovers (ATOs) remain a significant concern, with infostealers like the Win32.Zbot trojan appearing in over 2,000 weekly instances.

These findings underscore the need for businesses to implement robust IAM systems and continuous monitoring to mitigate identity-based attacks.

Manufacturers under siege

Goodall says manufacturers are increasingly becoming targets of cyber espionage and intellectual property theft.

“More than 26% of alerts in this year’s report were related to threats targeting manufacturers, a staggering 2.6x higher than expected. This finding aligns with growing concerns about industrial espionage, particularly as certain countries push for industrial modernisation.”

Ransomware: A persistent threat

Despite law enforcement takedowns and growing distrust between ransomware groups, ransomware remains a major threat. Arctic Wolf Security Engineers responded to 158 ransomware attempts between May 2023 and April 2024.

Arctic Wolf notes that, “an effective SecOps function dramatically reduces the risk posed by ransomware.”

Highlighting the importance of monitoring ransomware precursors such as initial access to the environment, the establishment of persistence, and the reconnaissance and exfiltration of data as a way to disrupt the attack chain of a ransomware attack.

The importance of vulnerability remediation

One of the simplest and most effective ways to mitigate cyber risk is through vulnerability remediation. Attackers continue to exploit core business applications like Windows 10, MS Outlook, and Cisco IOS, with many vulnerabilities remaining unpatched for months or even years.

Organisations are urged to prioritise remediation efforts, as known vulnerabilities outnumber zero-day threats by 7.5 to 1.

The 2024 Security Operations Report emphasises the critical importance of around-the-clock monitoring and a robust SecOps strategy.

Organisations that can effectively operationalise their cybersecurity investments, respond swiftly to alerts, and build resilience through vulnerability management and identity protection will be far better equipped to defend against modern cyber threats.

“As the report states, effective security operations is your best defence against today’s financially motivated attacks and government-backed espionage. For organisations seeking to safeguard their digital infrastructure, the report offers a comprehensive view of the threats they face and practical solutions to reduce cyber risk,” he concludes.