The COVID-19 pandemic led to a global shut down of economic activities. As a coping mechanism for the world, it necessitated a paradigm shift of activities from physical to virtual across all industries. Sectors like education took to online learning and work became generally remote. Due to this switch, its effect on the IT teams were intense as they were the key enablers of this transition. However, with the maximizing of the cyber space came its attendant negative consequences because cyber-attacks became more prevalent especially within our country Nigeria.
Cyber security is the protection of computer and network systems from cyber-attacks. These cyber-attacks are diverse ranging from ransomware, malware, spyware, phishing, smishing, spamming, denial of service attacks etc.
In a recent survey; “The IT Security Team: 2021 and Beyond” carried out by Sophos group, a British security software and hardware company, it revealed that Nigeria had 60% increase in cyber-attacks. Notable examples are during the ENDSARS protest, a number of government agencies had their websites including that of the Central bank hacked. For a country with 104.4 million internet users, it has indeed become timely that awareness on cyber security is prioritized as its effect on government and society and consequently the national economy is enormous.
The effects are breach of national security secrets, classified information, theft of sensitive data like medical and educational/research records. For businesses, such attacks jeopardize the organization’s reputation, lead to law fines and suits and decrease confidence level by customers and clients. It also leads to identity fraud, financial fraud, leak of sensitive personal information of individuals for undue exploitation.
To effectively mitigate these cyber-attacks, proper consideration should be taken into the three core elements of cyber security being the people, technology and policies. It has been observed that the people (employees and administrators) are the weakest link. More awareness should be created on cyber security by training and retraining workers in organizations. Vulnerability assessments and visibility should be carried out on business network systems to detect loopholes for cyber-attacks and secure the network. Zero trust security models and safe password policies should be adopted. There should also be a database of verified applications, the internet should be monitored to blacklist fraudulent and fake new sites. End users and employees should be taught safe computing, how to browse the web safely, use email securely, use network marketing and cloud services securely and also expose them often to phishing and smishing tests to increase their vigilance and preparedness to handle such cyber-attacks. There also should be as much focus on secure coding as given to functional coding by software developers.
With the huge proliferation of businesses, public and private institutions in Nigeria into the cyber space, it is only expected that adequate measures be put in place to have them secured.