Nigerian Businesses Pay $706,452 as Cyber Ransom—Report
By Adedapo Adesanya
A new report has shown that amid a drive for digitalization, a total of $706,452 has been paid in ransom to cybercriminals by Nigerian businesses.
According to Sophos, in The State of Ransomware 2022 report, Industrial Control Safety Systems (ICSS) in critical infrastructure are increasingly exposed to cyber-attacks because of the digitization drive of the industry.
The report showed that as supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control systems become connected to the Internet to allow greater business efficiency (remote process monitoring, system maintenance, process control, and production data analysis)-Industry 4.0, they also make the business more vulnerable to threats with the potential to seriously affect critical Industrial Control and Safety Systems.
Exposing the need as to as why internal cybersecurity is the new normal, the note shared with Business Post showed that critical infrastructure is classified as the physical and IT/OT assets, networks, and services. And that, if disrupted or destroyed, would have a serious impact on the health/ security/economic well-being of citizens and the efficient functioning of a country’s government.
“The energy sector and manufacturing industries are critical to the global economy, and their security is of the utmost importance. The integration of operational technology (OT) and information technology (IT) – industry 4.0 – in these industries has also increased efficiency and productivity, but it has also increased the risk of cyber-attacks,” the report explained.
“One of the main challenges facing these industries is the integration of OT and IT systems. OT systems, such as control systems, are used to control and monitor physical processes, while IT environments, i.e., the internet and cloud, are used to process and store data. The integration of these environments means that cyber-attacks on the Information Technology environment can now directly impact the physical processes controlled by Operational Technology systems.”
The note explained that the use of legacy (ICSS) in these industries is prevalent as many control & safety systems were developed before cyber security was a global concern and may not have the necessary security measures in place to prevent such attacks when the ICSS is compromised.
In addition, the hardware and software in these legacy ICSS could have reached their End of Life (EOL), which makes them more vulnerable to cyber attackers.
Some other factors have contributed to the growing vulnerability of industrial control systems, which include – insecure remote connections; Access links such as dial-up modems and wireless communications are used for remote diagnostics, maintenance, and examination of system status. If encryption or authentication mechanisms are not utilized, the integrity of the transmitted information is vulnerable.
Another is standardized technologies as organisations are transitioning to technologies, such as Microsoft’s Windows, to reduce costs and improve system scalability and Internal performance. The result is unrestricted access to knowledge and tools to jeopardize the system and an increase in the number of systems vulnerable to attack.
Another critical one is the availability of technical information—public information about infrastructures and control systems is readily available to potential hackers and intruders. Design and maintenance documents and technical standards for a critical system can all be found on the internet, greatly jeopardizing overall security.
In addition to the challenges and vulnerabilities facing the industrial control system, cyber threats and incidents are now major operating and business risks for every digital enterprise.
The report noted that in the age of digitization, it is imperative to create and execute strategies that allow the business to monitor and mitigate cyber threats and risks supporting its financial objectives.
However, to truly mitigate these risks and be IIOT-ready, organisations need to “have a comprehensive cyber security program with the partnership of industry experts, which incorporates intrusion detection and prevention systems, firewalls and secure remote access solutions in place, such as those offered by Schneider Electric; with a team of certified experts, delivering holistic cybersecurity programs to help maintain the system’s defences, with cybersecurity services such as vulnerability assessments, penetration testing, and incident response planning from an operations perspective, while integrating appropriate IT policies and requirements.”
The report warned that while the integration of OT and IT systems in the energy sector and manufacturing industries has increased efficiency and productivity, it has also increased the risk of cyberattacks.
To remedy this, organisations in these industries were tasked to adopt a cyber security program and posture to maintain profitability to protect against cyber-attacks.
Osun to Access $618m Creative, Digital Fund
By Adedapo Adesanya
The Osun state government has moved to launch a support desk for tech innovators and entrepreneurs in the state to access the recently launched $618 million fund by the federal government and the African Development Bank (AfDB).
Governor Ademola Adeleke, who directed the establishment of the fund, expressed the readiness of his government to tap into the opportunities in furtherance of the digital economy agenda of his administration.
The governor, whose position was recently affirmed by the Appeal Court, said his administration has created enabling environment for the Osun state tech ecosystem, citing the recent domestication of Nigeria’s Startup Act, the flag off of the state’s broadband fibre optic project, and the establishment of a Digital Advisory Board.
He said, “I am delighted to appreciate the African Development Bank, which has set up a $618 million fund to support the technology and creative sector in Nigeria. This is a great initiative spearheaded by Dr Akinwunmi Adesina, the Nigerian President of the African Development Bank, in partnership with our Federal Government, I would like to commend him for his visionary leadership and dedication to the development of our country.”
He added, “I am confident that this fund will go a long way in supporting innovation, job creation, and economic growth in our country.
“As the Governor of Osun State, I am pleased to announce that the Ministry of Innovation, Science, and Technology has been instructed to set up a desk to assist all technology and creative sector entrepreneurs in Osun State in applying and accessing this fund. The desk will provide comprehensive guidance and support to all interested applicants, ensuring that the application process is seamless and efficient.
“We are also exploring partnerships with the African Development Bank to support programs in the technology and creative sector in our state. We will be reaching out to the bank soon to discuss how we can collaborate and leverage this fund and other opportunities to create a vibrant and innovative ecosystem in Osun State.
“I commend the African Development Bank for domiciling the fund in the Bank of Industry to prevent it from being politicized. This is a great step towards ensuring that the fund is used for its intended purpose and will benefit the technology and creative sector in Nigeria.
“I encourage all technology and creative sector entrepreneurs in Osun State to engage directly with the Ministry and register as a stakeholder operating within the state. This is a significant opportunity for our entrepreneurs to grow their businesses while also contributing to the growth and development of our state”, he stated.
He called on residents to harness the potential of the technology and creative sector and create a vibrant and innovative ecosystem in Osun.
NIMASA, NCC Collaborate to Create Submarine Cable Regulation in Nigeria
By Adedapo Adesanya
The Nigerian Maritime Administration and Safety Agency (NIMASA) and the Nigerian Communications Commission (NCC) are collaborating to develop a regulatory framework to provide operational guidelines for Submarine Cables and Pipeline Operators in Nigeria.
Submarine and cable operators in Nigeria have been notified of the soon-to-be-implemented regulatory guideline for submarine cables and pipelines in Nigeria, in line with the provisions of the United Nations Convention on the Law of the Sea (UNCLOS).
Speaking at a pre-audit meeting of both organs of government in Lagos on submarine cable regulation, the Director General of NIMASA, Mr Bashir Jamoh, noted that the agency was committed to the Ease of Doing Business while implementing International Conventions which Nigeria has ratified and domesticated.
He noted that with Nigeria now a destination for global communication players, the time has come to prevent unregulated underwater cable laying, which might become hazardous to shipping.
According to him, “It is worthy to note that marine cable laying has been ongoing for over two decades in Nigerian waters. Our focus is to ensure the safety of navigation of shipping in Nigerian waters with all these underwater cables being laid.”
“NIMASA is developing the guidelines to regulate submarine cable operators in line with the provisions of UNCLOS; which we have ratified, and NIMASA will be the agency responsible for its implementation.
“We do not just implement laws; we consult. Where the responsibility of an Agency stops, that is where the responsibilities of another agency start. Collaboration is a key component of ease of doing business in the best interest of the country, and we will work closely with the NCC to achieve this,” he said.
On his part, the Executive Vice Chairman of the NCC, Mr Umar Garba Danbatta, who was represented by the Director, Compliance Monitoring and Enforcement, Mr Efosa Idehen, noted that the stakeholders’ dialogue strategy adopted by NIMASA in developing the guidelines would ensure a win-win situation urging NIMASA management to include the Ministry of Justice, a request NIMASA DG immediately granted.
Also speaking at the meeting was the Director General of the Bureau of Public Service Reforms, Mr Dasuki Arabi, who commended NIMASA and NCC for adopting effective Inter-Agency collaboration to avert a potential challenge for the country in the future.
NIMASA and the NCC also agreed to identify and resolve areas of likely regulatory overlaps, ensuring a regulatory framework based on consultation to engender the attainment of Nigeria’s digital economy transformation.
How Data Protection Policy In Nigeria Is Evolving To Secure Customers
By Otori Emmanuel
Technology advancement has increased the value of data, and many businesses are willing to invest in it. These data are obtained from customers directly or indirectly. When data is directly gathered, customers are often asked for their consent, and they typically provide it. In contrast, information that is gained inadvertently may be gathered through tracking or linkages to sources that already have the consumers’ data. Businesses use this strategy to improve their products and for research purposes.
To prevent unauthorized access, disclosure, or misuse of user’s personal information, data privacy and data protection policies are in effect. The right of people to decide how their personal information is gathered, utilized, and shared is referred to as data privacy. It involves making sure that people are informed about the information being collected on them, how it is being used, and with whom it is shared. Data protection policies, on the other hand, are protocols set up to safeguard private data against exploitation or unauthorized access. They require putting technical and organizational mechanisms in place to safeguard the privacy, usability, and authenticity of user data and also to prevent its loss, destruction, or alteration.
Data protection policies usually include instructions for the collection, processing, storage, and disposal of data. They also include safeguards for personal data security, such as encryption, access restrictions, and regular backups. Data privacy and protection regulations are crucial in the contemporary digital age, as personal data is captured, processed, and exchanged more frequently than at any time before.
User Data Protection in Nigeria
The Nigerian Data Protection Regulation (NDPR) was decreed in 2019 with the aim to ensure that individuals have control over their personal data and that it is processed fairly and legally. The NDPR mandates that businesses processing personal data get the individual’s consent before processing their information. Additionally, they must take the necessary security precautions to safeguard personal data against theft, loss, and unauthorized access.
Nigeria has established the National Information Technology Development Agency (NITDA) in addition to the NDPR to handle issues with data privacy and cybersecurity. The NITDA is in charge of enforcing the NDPR and ensuring that businesses abide by the data protection laws. Moreover, the NITDA has created frameworks and recommendations to offer firms advice on how to put in place reliable cybersecurity and data protection buffers. These rules address subjects like privacy notices, effect analyses of data protection, and breach reporting.
In accordance with the NDPR, businesses must acquire consent from people before collecting their personal data and have strong security measures in place to safeguard it. Businesses must appoint a Data Protection Officer (DPO) as part of the NDPR, who is responsible for ensuring that the law is upheld. Other laws in Nigeria, in addition to the NDPR, that deal with data protection are the Freedom of Information Act of 2011 and the Cybercrimes (Prohibition, Prevention, etc.) Act of 2015. These laws strengthen the protection of personal information while also outlining the consequences of data protection laws infractions.
With a focus on safeguarding customer personal information and ensuring that businesses are held accountable for any violations by these laws, Nigeria’s data protection regulations are continuously improving.
Latest News on Business Post
- Zenith Bank Proposes N2.90 Dividend After Impressive Growth in Gross Earnings March 29, 2023
- Sell Pressure on Bellwether Stocks Softens NGX Index by 1.16% March 29, 2023
- Friesland, Geo-Fluids Spur NASD OTC Exchange to Appreciate 1.02% March 29, 2023
- Naira Weakens at Official Market, Solidifies at Black Market March 29, 2023
- Crude Oil Extends Gains on Continue Supply Disruption Risks March 29, 2023
- Lagos Stops 50% Discount on Transport Fares for BRT, Others March 29, 2023
- Paystack Co-Founder Shola Akinlade Acquires 55% Stake in Danish Football Club March 28, 2023
- Oil Discovery in Nasarawa Will Lead To Prosperity, Energy Security—Buhari March 28, 2023
- Can Russia Increase Trade With Africa Beyond Rhetoric March 28, 2023
- Kuda Increases Women in Product Team by 87%, Engineering Team by 144% March 28, 2023