Security challenges that were once confined to physical domains have expanded into cyberspace, creating a multi-dimensional threat environment.

From insurgency and terrorism to cybercrime and digital vulnerabilities, the country now faces a layered security landscape that demands new thinking, modern tools, and a more adaptive national strategy.

Recent analyses suggest that Nigeria’s security framework is under pressure not simply because threats have increased, but because their nature has fundamentally changed.

Insurgency, kidnapping, communal conflicts, cyberattacks, and infrastructure sabotage now intersect, undermining economic stability and slowing digital transformation. In an era defined by rapid technological advancement, Nigeria’s ability to re-engineer its institutions and integrate modern defence capabilities will determine its resilience and long-term growth.

Strains on Traditional Security Systems

Nigeria’s existing security architecture is increasingly stretched by evolving threats. Insurgency remains a major concern, particularly in the northeast, where groups such as Boko Haram continue to deploy asymmetric tactics. These attacks have resulted in significant loss of life, disrupted economic activity, and weakened investor confidence. Incidents such as the 2025 attack on a military base in Borno highlight how non-state actors are adapting faster than traditional defence systems.

At the same time, cyber threats are rising sharply. As digital adoption expands across banking, e-commerce, and public services, so too does exposure to risks such as phishing, ransomware, identity theft, and attacks on critical infrastructure.

These incidents cost Nigeria hundreds of millions annually and erode trust in digital systems. Despite this, many institutions remain underprepared due to limited investment in cybersecurity, weak enforcement of regulations, and low levels of awareness among users.

Institutional fragmentation further complicates the situation. Security agencies, including the military, police, and intelligence services, often operate in silos, limiting coordination and slowing response times.

Modern threats require real-time intelligence sharing and unified command structures, yet integration remains weak. While criminal networks have embraced digital tools to coordinate and execute operations, state institutions continue to rely heavily on conventional methods.

The Digital Age: Opportunity and Risk

Nigeria’s growing digital economy presents both promise and peril. Increased mobile connectivity, digital payments, and fintech innovation are driving financial inclusion and economic growth. However, this rapid expansion also creates new vulnerabilities.

Millions of users and businesses are now exposed to cyber fraud, data breaches, and systemic risks that can disrupt entire sectors.

Artificial intelligence is intensifying this dynamic. Cybercriminals are leveraging AI to automate attacks, develop more sophisticated malware, and deploy deepfakes for fraud and manipulation.

On the other hand, security agencies and organisations are beginning to adopt AI for threat detection, anomaly identification, and response automation. This has created a technological arms race that Nigeria must urgently engage with.

Data itself has become a form of national infrastructure. As highlighted in discussions at the PAOEF Summit 2026, cybersecurity can no longer be treated as optional, it must be central to national defence. Digital trust, defined by the confidence of citizens and investors in the safety of systems, is now critical to economic competitiveness.

Rethinking Security for the Digital Era

Addressing these challenges requires a comprehensive overhaul of Nigeria’s security architecture. A more integrated framework is essential, one that enables seamless collaboration among the military, police, intelligence agencies, and civil authorities. Real-time data sharing, joint operations, and unified command centres will be critical to improving response capabilities and strengthening national resilience.

Technology must also be embedded across all levels of security operations. Tools such as predictive analytics, drone surveillance, cyber defence platforms, and digital forensics are no longer optional—they are essential components of modern security systems. Without these capabilities, Nigeria risks falling further behind both state and non-state actors who are rapidly adopting advanced technologies.

Cybersecurity policy must also evolve. Stronger legislation, nationwide awareness campaigns, and integration of cybersecurity education into school curricula are necessary to build a more resilient society. Critical infrastructure must be regularly assessed for vulnerabilities, while both public and private institutions invest in developing skilled cybersecurity professionals. International collaboration will also play a key role, enabling knowledge exchange, intelligence sharing, and access to global best practices.

At the centre of this transformation is human capital. Education remains Nigeria’s most powerful tool for long-term security and development.

Building a workforce equipped with digital skills, cybersecurity expertise, and innovative thinking will determine how effectively the country navigates future challenges.

Security, Inclusion, and Economic Stability

Security challenges in Nigeria are closely linked to broader socio-economic realities. Poverty, unemployment, and inequality often create conditions that fuel crime and extremism. Addressing these root causes is essential to any sustainable security strategy.

Economic inclusion, equitable governance, and community engagement can help reduce vulnerabilities. Community-based security approaches, where citizens actively participate in intelligence gathering and local peace-building, can complement formal structures and improve trust between institutions and the public.

At the same time, Nigeria’s ambition to become a leading digital economy depends on its ability to provide a secure environment. Investors, businesses, and innovators require confidence in both physical and digital infrastructure. Without this, growth will remain constrained.

Security as a Foundation for the Future

The link between security and development has never been more evident. Frameworks such as the Abuja Compact, discussed at the PAOEF Summit, emphasise key pillars including trusted digital identity, broadband expansion, AI-enabled public services, cybersecurity, startup development, and human capital growth. These elements highlight the interdependence between national security and digital transformation.

If Nigeria fails to secure its environment, both physical and digital, it risks falling behind in an increasingly competitive global landscape. However, with the right investments and reforms, the country can turn its challenges into opportunities, unlocking new pathways for innovation, productivity, and economic growth.

Conclusion

Nigeria must transition from reactive to predictive security, from fragmented systems to coordinated intelligence, and from analogue approaches to digital defence. The future belongs to nations that understand the deep connection between security and development in a technology-driven world.

By strengthening its security architecture today, Nigeria can safeguard its sovereignty, empower its citizens, and position itself as a resilient and competitive player in the global digital economy.

The path forward is clear: secure the nation, embrace technology, and build a future defined by stability, innovation, and inclusive growth.

The law, enforced since March 2024, compels tech firms classified as “gatekeepers”, including Apple, Google, Meta and Amazon, to open their platforms to third parties, permit alternative app stores and payment systems, and end practices such as self-preferencing. It is currently under review, with the European Commission receiving stakeholder feedback up to September 24.

Apple says these policies are already limiting what customers in Europe can access. According to the company, several new features have been delayed, including iPhone-to-Mac mirroring, live translation with AirPods, and enhanced location-based tools in Maps. 

Apple says these features depend on its tightly integrated ecosystem and cannot be safely extended to third-party platforms without risking user data.

“It’s become clear that we can’t solve every problem the DMA creates,” Apple said. “Over time, it’s become clear that the DMA isn’t helping markets. It’s making it harder to do business in Europe.”

The Commission has dismissed Apple’s objections, stressing that obligations under the law are not negotiable. A spokesperson noted: “Gatekeepers, like Apple, must allow interoperability of third-party devices with their operating systems.”

The issue reveals how far governments can push top tech firms to open their systems without damaging user safety. Apple argues that sideloading apps and the rise of alternative marketplaces, both required under the DMA, expose consumers to scams, malware and pornography apps that were previously blocked from its App Store. The company says younger users and those less experienced with technology are most at risk.

Apple’s case aligns with concerns raised in Washington, where former U.S. President Donald Trump’s administration repeatedly condemned the DMA as discriminatory against American technology firms. 

The issue has also come with penalties: in April, Apple and Meta were fined for non-compliance, with Apple facing a €500 million sanction over restrictions on developer communications.

Reports from policy think tanks such as EPICENTER and ITIF have added weight to Apple’s stance, arguing that the DMA’s rigid design risks stifling innovation, delaying product rollouts and spreading compliance costs to smaller businesses.

The European Commission maintains that the law is essential to increase competition and consumer choice. Its first formal review is expected to determine whether the rules will be tightened further, potentially extending obligations to social networks.

Apple has made it clear it will continue to comply with legal requirements, but it is also noting that the EU regulation may come at a high cost for users, fewer features, slower innovation and, paradoxically, weaker protections.

The union’s spokesperson, Steven Iwindoye, minced no words in his statement on Wednesday. He accused inDrive of failing to protect its drivers, exposing them to criminals who exploit the app’s weak verification process.

“InDrive’s failure to implement a robust security system has cost many drivers their lives. Criminals can easily access the platform by posing as passengers and attacking unsuspecting drivers,” he said.

AUATON claims that a number of drivers have been robbed, attacked, and even killed due to inDrive’s lax security measures. According to the union, without adequate background checks for riders, drivers are left vulnerable, picking up strangers without any real assurance of safety.

Beyond security issues, drivers are also fuming over inDrive’s fare system, which allows passengers to dictate ride prices. Iwindoye argued that this model forces drivers to accept unreasonably low fares, leaving them struggling to cover basic expenses.

“Fuel costs, vehicle maintenance, and other expenses have skyrocketed, yet inDrive allows passengers to dictate fares that barely cover our costs. We are being exploited, and we refuse to continue under such a system,” he said.

Some riders reportedly slash fares by as much as 50%, making it nearly impossible for drivers to earn a decent income. AUATON is demanding immediate changes, including a structured fare system that accounts for fuel prices and vehicle upkeep, as well as better support for drivers facing financial hardship.

The union has instructed all its members to stop using inDrive, aiming to bring operations in Lagos to a standstill until their demands are met.

“We call on the government and relevant regulatory agencies to intervene and ensure that inDrive operates transparently and safely,” Iwindoye added.

The move is expected to disrupt transportation for thousands of Lagos commuters who rely on the app for daily movement.

inDrive Responds

The company’s Africa spokesperson, Lineo Thakhisi, defended the platform’s policies, arguing that its model is built on fairness and flexibility.

“Unlike traditional ride-hailing models, inDrive allows drivers to set their own fares and negotiate directly with passengers. This ensures that drivers have greater control over their earnings,” she said.

She also noted that inDrive offers the lowest commission rates in Nigeria, allowing drivers to keep more of their earnings compared to other ride-hailing services.

On security, Thakhisi assured that the company has implemented trip verification, emergency assistance options, and a rating system to improve safety.

“We continuously assess and enhance these security measures to ensure a safer experience for all users,” she said. “We are open to constructive dialogue with drivers and unions.”

With both sides holding firm, the situation is tense. AUATON insists the boycott will continue until inDrive makes considerable changes, while inDrive maintains that its system is fair and secure.

Hakimo, an innovator in AI-powered physical security monitoring, has raised $10.5 million funding round and launched AI Operator, a breakthrough autonomous security agent that monitors existing security hardware, detects threats in real time, and executes response protocols just like a human security professional. 

The Series A funding round was led by Vertex Ventures and Zigg Capital with participation from RXR Arden Digital Ventures and existing investors Defy.vc and Gokul Rajaram.

Hakimo has now raised a total of $20.5 million, including prior funding rounds led by Neotribe Ventures and Rocketship.vc.

Hakimo’s AI Operator combines computer vision and generative AI to monitor existing security hardware such as cameras and badge readers. Unlike conventional systems, it can detect any anomaly or potential threat that can be described in words – a breakthrough in physical security monitoring.

Beyond detection, the system issues real-time speaker warnings and executes standard operating procedures (SOPs) to respond to incidents, with human operators providing intervention only when necessary. This AI-human collaboration delivers superior protection at a fraction of the cost of traditional security approaches.

“Hakimo has pioneered a new era of AI-driven security by creating an intelligent AI agent that understands and responds to threats like never before. We’re not just automating security—we’re redefining it with AI that can recognize and act on any security event and deliver unmatched protection for businesses worldwide.” said Sam Joseph, co-founder & CEO of Hakimo. 

Hakimo was founded in early 2020 by Sam Joseph and Sagar Honnungar, Stanford-trained AI experts with backgrounds in building enterprise-grade software as a service (SaaS).

The duo launched Hakimo after identifying converging trends: exploding camera deployments, plummeting hardware costs, and rapid advancements in computer vision.

The founders recognized the potential for AI to reinvent physical security and have since assembled a talented, growing team of engineers and industry professionals to execute their vision of autonomous security monitoring.

Hakimo’s solution comes at a critical inflection point for physical security. The traditional guarding industry struggles with severe hiring and quality challenges, while alarm monitoring services face growing issues with false alarms and police departments increasingly refusing to respond to unverified alerts.

By leveraging existing cameras, AI capabilities, and remote operators, Hakimo eliminates these challenges while offering the advantages of both on-site guards and traditional alarm systems.

The company has experienced explosive growth over the past year, tripling its customer base and securing more than a hundred clients across diverse industries including multifamily apartments, car dealerships, construction sites, and Fortune 500 enterprises.

In 2024 alone, Hakimo’s technology prevented thousands of security incidents, assisted law enforcement in multiple arrests, and even saved a life.

“We got a drastic reduction in trespassing right after deploying Hakimo, and I now sleep better at night with the peace-of-mind provided by Hakimo’s AI agent,” said Rodrigo Duran, general manager at Kia Santa Maria, one of those customers. 

The technology’s impact extends beyond the scope of traditional security applications. Its ability to monitor multiple sites simultaneously while maintaining human-level reasoning has proven transformative for businesses seeking comprehensive security without the escalating costs and reliability issues of conventional approaches.

Commenting on the investment, Piyush Kharbanda, General Partner of Vertex Ventures SEA & India said:

“We are very excited to partner with the Hakimo team, who are bringing ground-up technological innovation to the large but antiquated physical security industry. There is a dire need for innovation, as current solutions lack the speed or accuracy to offer affordable real-time protection for offline businesses. Hakimo bridges this gap with an AI + Services approach, coupling the speed of cutting-edge vision AI algorithms with the reliability of humans-in-the-loop, thus delivering a 10x better service at more affordable rates.”

Ryan Orley, managing partner at Zigg Capital added:

“After studying the security monitoring ecosystem, our team concluded that Hakimo’s AI + Services solution is more robust and offers better value than any other technology we have encountered. Hakimo’s capabilities at its accessible price point are without peer. In fact, I became a Hakimo customer before our firm’s investment”.

“Hakimo is transforming physical security with AI, delivering real-time threat detection and smarter operations,” said Neil Sequeira, founder & partner, Defy.vc.

At Defy, we back bold teams tackling big challenges, and Sam and Sagar’s vision aligns perfectly with that mission. We’re excited to support Hakimo as they scale and set a new standard for AI-powered security.” 

This is the view of Lionel Dartnall, SADC Country Manager of Check Point Software Technologies, a pioneer and global leader of cyber security solutions.

“Digital transformation is reshaping the manufacturing landscape, bringing both new opportunities and significant risks. As manufacturing operations increasingly rely on interconnected systems, cybersecurity has become a critical concern,” he says. 

From ransomware to supply chain vulnerabilities, African manufacturers face cyber threats that not only jeopardise their financial stability but also disrupt global operations.

Fortunately, by adopting a multi-layered approach to cybersecurity manufacturers can not only defend against attacks but also improve operational efficiency. 

Impact of manufacturing sector in Africa

Manufacturing plays a huge role in many African economies, contributing significantly to GDP, employment, and industrial development. However, as the sector adopts more digital technologies, the risk of cyberattacks is escalating, impacting not just African manufacturers themselves but the broader economy.

According to the World Economic Forum, manufacturing accounts for about 10% of Africa’s total GDP on average. In 2023, Africa’s manufacturing output was valued at $500 billion, with key sectors such as food processing, textiles, and consumer electronics experiencing significant growth. 

Manufacturing in South Africa alone contributes close to 13% to the GDP, about $29 billion, according to PWC’s  2024 Manufacturing Analysis. Ethiopia, Kenya, and Morocco have also seen growth in their manufacturing sectors, with notable advancements in textiles, automotive, and consumer goods production. 

1.     Job Creation

The manufacturing sector is also a major source of employment across the continent. According to the 2024 South African Reserve Bank Occasional Bulletin of Economic Notes,  it accounts for about 12% of formal sector jobs in the country, with Nigeria also relying on manufacturing for significant employment, particularly in agro-processing and cement industries. Across the continent, manufacturing provides critical income and skill development opportunities, especially in industrial hubs like Lagos, Nairobi, and Johannesburg.

2.     Investment and Infrastructure

In response to increasing demand, several African nations are investing heavily in manufacturing infrastructure. New industrial parks and special economic zones (SEZs) in countries like Ethiopia, Egypt, and Rwanda are attracting foreign direct investment (FDI) and driving sector growth. As a result, Africa is positioning itself as an increasingly attractive destination for global manufacturing investments.

Rising Cybersecurity Threats to the Manufacturing Sector

As the sector has grown in significance, so the cybersecurity threat landscape has become more complex and perilous. Check Point Software’s  The State of Global Cyber Security 2025 Report revealed a 44% increase in global cyber attacks in 2024, signaling that threats are rapidly evolving, with the manufacturing sector being a prime target. 

In the third quarter of 2024 alone, manufacturing globally saw a 75% increase in cyber-attacks compared to the previous year, with organisations experiencing an average of 1,876 attacks each.  This is  a 15% rise from the previous quarter.

Cybersecurity Risks in Africa’s Manufacturing Sector

Despite its importance, African manufacturing sector faces significant cybersecurity challenges. The increasing digitalisation of manufacturing processes, combined with the integration of IT and OT, has exponentially raised the risk of cyberattacks. This is becoming a systemic issue with the potential to destabilise entire economies.

“Manufacturers face unique vulnerabilities due to their reliance on outdated legacy systems that are hard to patch and the growing integration of operational technology (OT) and information technology (IT),” Dartnall says.

• Internet of Things

Additionally, the increasing use of Internet of Things (IoT) devices in Africa’s manufacturing facilities creates further vulnerabilities, enabling attackers to exploit weaknesses in factory networks.

• Ransomware

Manufacturers are particularly vulnerable to ransomware because attackers know that shutting down production can result in severe financial damage. These threats are no longer hypothetical: According to the Waterfall Security Solutions’ 2024 Threat Report , in 2023, 68 cyber-attacks in Africa’s manufacturing sector led to substantial operational disruptions, causing  physical damage across over 500 manufacturing sites, leading to production shutdowns and logistical delays. 

• Supply Chain Risks

Africa’s manufacturing supply chains are often intricate, involving numerous suppliers, contractors, and logistics providers, all of which can serve as entry points for cybercriminals. The rise of cloud services in manufacturing has also introduced risks related to misconfigured cloud settings, data breaches, and attacks targeting third-party services.

Economic Impact of Cybersecurity Breaches

The economic consequences of cybersecurity breaches in Africa’s manufacturing sector are profound. Cyberattacks not only lead to financial losses but also damage reputations, erode investor confidence, and disrupt national economies.

1.     Losses and Operational Disruptions

Cyberattacks that disrupt operations lead to substantial financial losses, including the cost of system recovery, production downtime, and data restoration. In 2023, the cost of cybercrime in Africa was estimated at $4.1 billion annually, with a significant portion attributed to manufacturing disruptions.

2.     Impact on GDP and Job Losses

In countries like South Africa, where manufacturing is a key driver of the economy, cyberattacks can significantly impact GDP. In 2024, cybercrime was estimated to cost South Africa nearly 1% of its GDP, according to Check Point’s 2024 African Perspectives on Cybersecurity Report. 

Furthermore, production shutdowns resulting from cyberattacks can lead to widespread job losses, especially in sectors like manufacturing where smooth operations are critical for employment.

Enhancing Cybersecurity While Improving Operational Efficiency

To mitigate these risks, African manufacturers must adopt a multi-layered cybersecurity approach that not only defends against attacks but also improves operational efficiency. One such solution is Secure Access Service Edge (SASE), which integrates networking and security into a unified system, helping manufacturers safeguard their networks while boosting productivity and minimizing downtime.

• Use Case 1: Operational Transformation

Take the case, for example, of an African manufacturer facing increased competition and pressure to reduce operational costs. After an internal audit, the company identified significant inefficiencies, including machine idle time, poor connectivity, and excessive IT tickets related to connectivity and security issues.

By implementing a SASE solution such as Check Point’s Harmony SASE, the manufacturer was able to address these challenges. The improved network performance resulted in faster access to cloud resources, eliminating bottlenecks and reducing downtime.

As a result, it saw a 23% improvement in on-time delivery rates and reduced machine idle time below industry benchmarks. In addition to enhanced security, the company saved money by retiring costly MPLS systems that were previously used to connect production facilities and warehouses.

• Use Case 2: Securing a Complex Supply Chain

Another example comes from African manufacturers with a highly complex supply chain, spanning multiple suppliers, remote employees, and third-party contractors. With so many entry points, the security team was concerned about breaches, particularly of the company’s research and development systems. 

After adopting a SASE solution such as Check Point Harmony SASE, the company strengthened its security posture by implementing a Zero Trust model that restricted supplier access to only necessary areas of the network. 

This approach segmented the network and reduced lateral movement, protecting sensitive systems. The results were significant: the company saw a 30% reduction in security alerts and successfully thwarted several unauthorised access attempts. Moreover, by improving security across the supply chain, the company enhanced its overall risk management.

The frequency and sophistication of cyber-attacks on the manufacturing sector are escalating, underscoring the urgent need for comprehensive cybersecurity solutions. 

“Manufacturers must view cyber security as a strategic tool that enhances both security and operational efficiency. By embracing technologies like SASE, manufacturers can protect against cyber threats while driving productivity, reducing costs, and gaining a competitive edge in the global marketplace,” Dartnall concludes.

In today’s digital manufacturing era, strong cybersecurity is not just an option—it is essential for long-term success.

Let’s break it down.

Convenience at a Price

Imagine controlling your lights or thermostat with a tap on your phone or a voice command. Sounds great, right?

Devices like Amazon Alexa and Google Home make life smoother and more efficient. But these gadgets need data to function, and that data includes your daily routines and private conversations.

The Hidden Cost of Data

All this convenience comes at a cost. Your smart devices collect heaps of data, often stored in the cloud. This means you’re losing control over who sees your info.

Companies might share it with third parties, sell it to advertisers, or even hand it over to the government. Not so smart, huh?

Security Vulnerabilities

And let’s talk about hacking. Many smart home devices aren’t as secure as you’d think. Weak passwords, outdated software, and insecure APIs are open doors for hackers.

Think your home security system is impenetrable? High-profile breaches in devices like Ring and Nest suggest otherwise.

Legal Landscape

Lawmakers are catching on. The American Data Privacy and Protection Act (ADPPA) aims to give you rights to your data. You can access, correct, and delete it. Companies must limit data collection to what’s “reasonably necessary.” Sounds good, but enforcing these rules is another ballgame.

How to Protect Yourself

So, what can you do? Be smart about your smart home.

• Strong Passwords: Use unique, strong passwords for each device.
• Update Regularly: Keep your device firmware up to date.
• Know Your Rights: Familiarize yourself with privacy laws like the ADPPA.

Real-World Incidents

Data misuse in smart homes is real. From unauthorized data collection to hacking, your private moments could end up exposed. High-profile cases have shown how easily these devices can be compromised, underscoring the need for robust security measures.

Industry Responsibility

Manufacturers also have a role to play. They need to implement strong security protocols and be transparent about data usage. Compliance with standards like the Matter interoperability and security standard can help build trust and protect user data.

Consumer Awareness

Consumers must stay informed. Understand what data your devices collect and take steps to safeguard it. Use strong passwords, update regularly, and know your rights.

Josh Gordon, a technology infrastructure expert at Geonode, emphasizes the importance of robust privacy measures:

“The key to balancing convenience and security lies in understanding the data flows and ensuring that access is secure and controlled.” Gordon’s insights align with the industry’s growing emphasis on data privacy and secure access solutions, reinforcing the critical need for consumers to stay vigilant.

By staying vigilant and informed, you can enjoy the perks of a smart home without sacrificing your privacy.

This decision, which will enable Microsoft to tighten its cybersecurity, is part of its Secure Future Initiative and comes in response to the absence of Google Play Store services in China, which limits the availability of essential security applications such as Microsoft Authenticator and Identity Pass.

Per Reuters, a spokesperson from Microsoft confirmed the initiative on Monday, explaining that the change to iOS is necessary to ensure employees have seamless access to the required security tools. 

This development follows a series of security challenges for Microsoft, including recent incidents involving Russian hackers who breached the company’s email systems.

According to an internal memo reported by Bloomberg News, Microsoft will reportedly begin distributing iPhone 15 models to its China-based employees starting in September. This will mitigate the risks associated with the unavailability of Google’s Android services in the region and maintain strong security standards for its workforce.

Microsoft has been present in China since entering the market in 1992. The company operates a research and development centre in the country, focusing on its long-term goals in the region despite the complex regulatory environment.

Hence, the latest measure is Microsoft’s assertive approach to safeguarding its operations and ensuring compliance with regional restrictions in the country, thereby maintaining high-security standards for its global workforce.

The event brought together thought leaders and professionals from various sectors of the payment sector, offering insights, strategies, and solutions to the challenges faced in an increasingly digitized financial industry.

Setting the ball rolling in his keynote presentation, Mr. Festus Amede, chairman of the Committee of Chief Information Security Officers of Nigerian Financial Institutions (CCISONFI), outlined the importance of implementing robust security measures to protect sensitive financial data in the face of emerging threats. 

Amede, who doubles as the chief information security officer of Zenith Bank was represented by Mr. Olusola Adediran, a member of CCISONFI and the chief information security officer of Nigeria Inter-Bank Settlement System (NIBSS), noted, “When discussing topics like security and privacy in business, it’s essential to shift our focus towards events that emphasize trust, security, and privacy.”

He further delved into the complexities of online transactions, emphasizing the need for continuous adaptation and innovation to mitigate risks.

Amede also explained the role of technology in enhancing security protocols and safeguarding against fraudulent activities.

A well-recognized solution in the financial sector is Moniepoint MFB, the key sponsor of PAFON 1.0. 

Ikenna Ndugbu, chief compliance officer, represented by Isoken Aigbomian, regional sales Manager, Moniepoint, highlighted the evolution of Moniepoint into a leading payment processor, stating, “We started off with a virtual account service where we automated payments or transfers, allowing customers and businesses to make and receive payments seamlessly through transfers. This was what catapulted and was modified into the limelight and household name that seems to be.”

Aigbomian emphasized the company’s focus on providing flexible payment options to businesses across various sectors, stating, “Today, Moniepoint offers a wide variety of payment options to businesses. There is an online payment platform, in-person payments option and then there are the cash payments via our ATM network, which is almost, I think, one of the largest, as well.”

She explained how Moniepoint MFB identified the need for a seamless payment experience and developed innovative solutions to address it. “So what we did was we looked inward, and we said the most popular means of payment in Nigeria is transfer. So we worked with our engineers and were able to build an infrastructure.”

She concluded by highlighting the company’s reliability and commitment to customer satisfaction, “Beyond being highly reliable, we have the experience of less than 1% failure rate meaning entrusting us with your payment services will ensure a 99.9% success trust so simple transaction at any point in time and because selection becomes smoother, your business operations become smoother and it’s basically the best for any business to date.”

PAFON 1.0 featured discussions on various entangled topics ranging from AI-driven payment solutions to the challenges brought by cyber threats. 

Speakers highlighted the importance of consumer trust, data privacy, and regulatory compliance in facilitating a secure payment ecosystem. 

The need for collaboration among industry stakeholders to address emerging challenges effectively was emphasized. 

Roosevelt Elias, Founder of Payble, noted the importance of data privacy and security in the age of digital payments, stating, “It is essential to preserve the details of such trusted transactions, as they often hold significant importance for the company’s outcomes and operations.” 

He endorsed for cautious use of data and highlighted the need for AI encryption and compliance-based companies to protect user privacy and ensure regulatory compliance.

On the other hand, Peter Evbota, sales director at inq. Digital Nigeria Limited, spoke on artificial intelligence (AI) and its ability to transform sectors, particularly in data analytics and security. 

He emphasized the power of AI in processing both structured and unstructured data, highlighting its ability to detect patterns and provide valuable insights. 

However, he also warned of the security risks associated with AI, stressing the need for strong security measures and regulatory compliance in the financial sector.

In a goodwill message, Mr. Lucas Ajanaku, vice chairman of the Nigeria Information Technology Reporters Association (NITRA), represented by Chidiebere Nwankwo, NITRA Secretary, emphasized the significance of security in his goodwill message. He stressed the need for collaboration and dissemination of accurate information to safeguard consumers’ interests. 

Earlier in a welcome address, Mr. Chike Onwuegbuchi, co-founder of TechCastle Foundation, the program’s organizers, highlighted the necessity of addressing ongoing issues within Nigeria’s payment systems. 

He emphasized the importance of interoperability among banks and platforms to facilitate seamless transactions. 

Mr. Onwuegbuchi stated, “We looked at the payment system in Nigeria and we found out that there have been conversations around payment and there have been unresolved issues.”

Onwuegbuchi further touched upon the prevalence of misinformation regarding payment methods, urging for clarity and education to combat false information. He stated, “When people tell you that you cannot use a particular service or individual based on what somebody else said, merely tapping your finger on the monitor, it’s not true.”

Key Takeaways from PAFON 1.0 Panel Session

During the Panel Session, moderated by Peter Oluka, Chief Editor, Techeconomy, experts delved into important aspects of payment systems in Nigeria, engaging in discussions that spanned execution, investments, protection technologies, and awareness. 

One of the central themes addressed was the intersection of trust and security as regards artificial intelligence (AI) integration into payment systems. 

Panellists emphasized the imperative of ensuring solid trust and security mechanisms as AI becomes increasingly intertwined with payment ecosystems, safeguarding against potential vulnerabilities and threats.

Infrastructure’s key role in underpinning the security and integrity of payment systems was a relevant aspect of the discussion. Cloud service providers were particularly highlighted for their contributions, both in advancing AI technologies and also in bolstering security measures. 

Panellists emphasized the multifaceted nature of security technology implementation, acknowledging challenges such as cost implications, complexity, and the necessity of ongoing investment to fortify defences against evolving threats and fraudulent activities.

Regulatory policies and their efficacy in mitigating risks and ensuring compliance were explored, with a focus on potential limitations and barriers to effective implementation. 

While Nigeria has robust regulatory frameworks, the importance of alignment with international standards and the need for continuous investment in compliance measures to enhance security and privacy protections were noted.

The imperative of customer awareness and education in combating fraud and phishing attacks was emphasized throughout the session. 

Panellists at PAFON 1.0 outlined initiatives aimed at educating customers, leveraging offline distribution networks for outreach, and deploying advanced technologies to detect and prevent fraudulent activities effectively.

Collaboration was another central tenet pointed out for addressing security challenges comprehensively. 

The interconnected nature of the payment ecosystem was stressed and advocated for collective efforts among stakeholders to enhance security measures and foster customer trust. 

The session also highlighted the need for cohesive collaboration and ecosystem support to ensure payment systems thrive effectively.

These, as mentioned, will ensure a safe, resilient, and inclusive payment infrastructure for all stakeholders.

According to global research by Kaspersky, 78% of companies surveyed in the Middle East, Turkiye and Africa (META) region suffered cyber incidents in the last two years, and 10% of these were caused by the use of shadow IT.

A recent Kaspersky study showed that, in the last two years, 11% of companies worldwide have suffered cyber incidents due to the use of shadow IT by employees.

The consequences of the use of shadow IT can be diverse in their severity, but they are never insignificant, whether it’s the leak of a piece of confidential data or tangible damage to business.

So, what is shadow IT? 

Shadow IT is the part of the company’s IT infrastructure that is outside the purview of the IT and Information Security departments, i.e. applications, devices, public cloud services etc. but that is not being used in accordance with information security policies.

Deployment and operating shadow IT can lead to serious negative outcomes for businesses. Many instances were found in the Kaspersky study, which revealed that the IT industry had been the hardest hit, suffering 16% of cyber incidents due to the unauthorised use of shadow IT in 2022 and 2023.

Other sectors hit by the problem were critical infrastructure and transport & logistics organisations, which saw 13%.

Recent case of Okta clearly proves the dangers of using shadow IT. This year, an employee using a personal Google account on a company-owned device unintentionally allowed threat actors to gain unauthorised access to Okta’s customer support system.

There they were able to hijack files containing session tokens that could then be used to conduct attacks. This cyber incident lasted for 20 days and impacted 134 company’s customers according to Okta’s report.

Outlining ‘blurry shadows’

So, when you are looking for shadow IT, what to look for? These can be either unauthorised applications installed on employee computers, or unsolicited flash drives, mobile phones, laptops, etc.

But there are also some options that are less conspicuous. One example of this is abandoned hardware left over after the modernisation or reorganisation of the IT infrastructure. It can be used ‘in the shadows’ by other employees, acquiring vulnerabilities that will sooner or later find their way into the company’s infrastructure.

Regarding IT specialists and programmers, as it often occurs, they can create a tailored program themselves to optimise work within a team/department, or to solve internal problems, making work faster and more efficient.

However, they don’t always ask the Information Security department for authorisation to use these programs, and this could have disastrous consequences.

“Employees who use applications, devices or cloud services that are not approved by the IT-department, believe that if those IT-products come from trusted providers, they should be protected and safe. However, in the ‘terms and conditions’ third-party providers use the so-called ‘shared responsibility model’. It states that, by choosing ‘I agree’ users confirm that they will perform regular updates of this software and that they take responsibility for incidents related to the use of this software (including corporate data leakages). But at the end of the day business needs tools to control the shadow IT when it’s used by employees. Kaspersky Endpoint Security for Business and Kaspersky Endpoint Security Cloud, offer this control with Application, Web and Device control functions that limit the use of unsolicited apps, websites and peripherals. The Information Security department will of course still need to conduct regular scans of their company’s internal network to avoid the unauthorised use of uncontrolled and unsafe hardware, services and software applications,” comments Alexey Vovk, Head of Information Security at Kaspersky.

In general, the situation with the widespread usage of shadow IT is complicated by the fact that many organisations do not have any documented sanctions where their employees will suffer as a consequence of going against IT policies in this matter.

Moreover, it is assumed that shadow IT could become one of the top threats to corporate cybersecurity by 2025.

The good news is that the motivation for employees to use shadow IT is not always malicious, even more often, it’s the opposite.

Employees in many cases use this as an option to expand the functionality of the products they use at work because they believe that the set of allowed software is insufficient, or they simply prefer the familiar program from their personal computer.

To mitigate the risks of using shadow IT in an organisation, Kaspersky recommends:

• Ensure cooperation between the business and IT departments to regularly discuss new business needs, obtain feedback on the IT services used, in order to create new and improve existing IT services needed by the business.
• Regularly conduct an inventory of IT assets and scan your internal network to avoid the appearance of uncontrolled hardware and services.
• When it comes to personal employee devices, it’s best to give users as limited access as possible to only the resources they need to do their job. Use an access control system that will only allow authorized devices onto the network.
• Carry out training programs to improve the information security literacy of employees. To boost security awareness among employees, educate them with the Kaspersky Automated Security Awareness Platform training program, which teaches safe internet behavior.
• Invest in relevant training programs for IT security specialists. Kaspersky Cybersecurity for IT Online training helps build up simple yet effective IT security-related best practices and simple incident response scenarios for generalist IT admins, while Kaspersky Expert Training equips your security team with the latest knowledge and skills in threat management and mitigation.
• Use products and solutions that allow you to control the use of shadow IT within your organization. Kaspersky Endpoint Security for Business and Kaspersky Endpoint Security Cloud offer Application, Web and Device controls which limit the use of unsolicited apps, websites and peripherals, significantly reducing infection risks even in cases where employees use shadow IT or make mistakes due lack of cybersafe habits.
• Regularly conduct an inventory of IT assets to eliminate the appearance of abandoned devices and hardware.
• Organise a centralised process for publishing self-written solutions so that IT, so Information Security specialists learn about them in a timely manner.
• Limit the work of employees with third-party external services and if possible, block access to the most popular cloud information exchange resources.

This remarkable achievement spreads across Nigeria, Kenya, Tanzania, and the UAE, highlighting LuckyDodo‘s commitment to combining entertainment with valuable business insights.

Originating from a vision to redefine how businesses access consumer data and providing people around the globe the opportunity to dream and win big, LuckyDodo has now become a beacon of innovation, inclusivity, and limitless possibilities.

This journey, supported by the Dubai International Financial Centre (DIFC) Innovation Hub, showcases LuckyDodo’s transformation from a promising startup to a global icon in its field.

Central to LuckyDodo’s success is its AI-powered platform, coupled with the business intelligence sub-product “Trends by LuckyDodo.”

These tools have become vital in empowering businesses and investors with real-time insights into local market trends and dynamics.

The platform’s engaging lucky draws are more than just entertainment; they serve as a rich source of consumer behavior data, offering businesses unique insights and aiding them in making well-informed decisions.

As LuckyDodo celebrates this milestone, Mary Queenie Adam, co-founder, said that the company remains steadfast in its commitment to data privacy and security.

“Upholding global data privacy standards, LuckyDodo ensures that all user data is anonymized and aggregated before analysis. The platform is built on the principle of obtaining explicit consent from users, along with employing advanced security measures to maintain data confidentiality.

“The heart of LuckyDodo’s appeal lies in the diversity of its daily prizes, which range from high-tech gadgets to dream vacations and everyday essentials. This variety ensures that the platform caters to the varied tastes of its extensive user base, making it a daily destination for those seeking excitement and opportunities to win big.

Having its roots in the DIFC Innovation Hub, LuckyDodo has successfully expanded into the vibrant landscapes of Nigeria, Kenya, Tanzania, and the UAE”, the co-founder said.

“This expansion is not just a business move; it symbolizes the company’s dedication to spreading joy, opportunity, and insightful business intelligence across the globe”, according to Stephane Adam, co-founder of LuckyDodo. “Adapting to local preferences and collaborating with regional brands, LuckyDodo is more than just a platform; it’s an integral part of the digital experience in these nations”.

LuckyDodo stands today not merely as a platform but as a symbol of boundless potential, hope, and excitement in the digital world.

With 7 million users and counting, this DIFC Innovation-backed startup isn’t just changing the game – it’s creating a global playground where everyone is invited to dream big and win big.