How to build a cyber resilient security organisation, by Inlaks

Inlaks has identified building formidable structures as a way to prevent cyber security threats in organisations.

This was highlighted by the company’s Cyber Security Manager, Adeyemi Ademiluyi, at the West Africa Cyber Security Summit (WACSS) organised by Afrocet Montgomery in partnership with KPMG Nigeria in Lagos.

Ademiluyi, who was a speaker at the summit, explained that with Nigeria as the second on the list of the most attacked countries in Africa after Zambia in the 2017 Global Threat Impact index, cyber-attack has become a global phenomenon that requires more technical, creativity and diplomatic approach to address.

“Basic tools such as antivirus, firewall, intrusion detection and prevention systems are no longer enough to combat today’s weaponised and sophisticated malwares persistently launched by the Cyber Adversaries. The implementations of security tools are good to prevent internal and external invasion but not panacea against Cyber-attacks and cybercrimes. .”

He also added that building a Cyber resilient organization was very key for any organisations that wish to survive in the Digital age, adding: “it should be seen as the collective responsibility and efforts of all stakeholders within the organisation and the Cyber ecosystem in general. Since no organisation, group or person is immune to attack, capacity building is key to winning the war and reducing the cost on cybercrimes and attacks. Awareness training and education on Information and Cyber security will definitely play a vital role in staying ahead of cyber thieves.

“The weakest link in the security chain should be motivated, trained and empowered to be the best line of defence. Effective training and education will also help the staff to identify threats, avoid malicious links and downloads. The staff will also know their roles in the response plan and how to communicate effectively in the event of any attack.

“Aside from those that are involved in the day-to-day running of the organisation, other members of staff like the cleaners and security personnel need to be trained because they are all part of the organisation. Building cyber resilience is building a room for continuity so there is a need to employ best practices like information security practices and business continuity strategies. There must be collaboration among all, especially the Management, IT team, information security team, and business operation team to form a strategy that will suit the organization.”

Ademiluyi, who is the pioneer president of Cyber Security Experts Association of Nigeria (CSEAN), a non-profit group of professionals in the field of information security, said that, “Cyber threat can bring down an organization and cause reputational damage. Imagine an organization that has been in existence for over 20 years and because the organization is being attacked, customers decide to take away patronage. It is going to affect the organization’s image, reputation and perception and can cause a huge damage to the organization regardless of the size.”

He further highlighted that Inlaks has embraced international best standard to implement the ISO27001 certification in information security management system. “This means that we know the value of information security, we want to control risks within our organisation and continue to improve our people, process and technology.

“When it comes to measures to be used to fight cyber-attack, we understand that there is need for us to be innovative and creative because cyber thieves are always looking for different ways to circumvent the established control systems. Our advice to customers is to be ahead of cybercrime perpetrators and employ a collection of tools, policies, frameworks, risk management approach, risk assessment approach,” he noted.