Information Technology Security experts on Wednesday highlighted education, awareness, capacity building and competence development as key to information security in the financial sector.
The experts, sitting as panelists at a webinar organised by the Nigeria Computer Society (NCS), said adequate education and awareness would mitigate the large scale fraud in the financial sector.
The News Agency of Nigeria (NAN) reports that the webinar was sponsored by Sterling Bank, with the theme: ‘Information Security in the Financial Sector’.
The former President, NCS Prof. Adesina Shodiya, said that education and awareness were very important in promoting financial security.
Shodiya said training of the employees was vital because it would enhance best work practice.
He said that training of employees in the financial sector, creating awareness and education of customers would mitigate the challenges of financial institutions.
According to him, digital payment is a good development because of the convenience.
But the challenge is that majority of the people using such platform do not have sound knowledge of information security and are not bothered, he said.
‘’The way to go is education, training, security awareness because a lot of attacks is going on in the financial sector not reported.
‘’Most employees must have training and knowledge about best practices and training should be done in such a way that it would be of interest to the employees
‘’So all financial industries should continue to prepare against any form of attack because we will continue to see new wave of attacks so they need all form of mechanism to protect their barriers,’’ he said.
According to him, it is also very important for financial sector to conduct research, to protect resources entrusted to them.
The Lead Forensic Examiner, Digital Footprint Nigeria Ltd. Dr Tombari Sibe, said ransomware had been of concern in recent times and the financial services sector most impacted.
Sibe said the financial service sector was data centric, hence the ransomware quite risky and the increased threat and vulnerability could be attributed to new technology trends.
‘’As financial service sector and customers, these things are real and it is good to take it important and it is also good that NCS and Sterling Bank are bringing it to fore burner.”
According to him, there is need for education, need to know what to do and what not to do, such as clicking on link of suspecting source or give out information on phone.
He said that one should not hop on any free WiFi because it is easy to hack and financial sectors should take care of their enterprise, have an Incidence Response Plan and Business Continuity Plan, among others.
He, however, commended the financial sector for its compliance with the Nigeria Data Protection Law.
Also at the panel discussion, Founder and Chief Executive Officer, Hyperspace Technologies Ltd. Mr Oluseyi Akindeinde, said a lot of organisations reduced capacity training for their employees due to the brain drain syndrome that enveloped the country.
Akindeinde said that the training, capacity building competence development and education should be reintroduced.
According to him, investigation carried out revealed that human compromise is a threat to information technology security.
A lot of internal people that were trained and administrators of the information security are now out of the country and sabotaging the system.
He said in spite of all, capacity building should be reintroduced and all time monitoring system should be set up.
On the need for regulation, Akindeinde said that innovations proceeded regulation and one could not regulate what one did not understand.
He said that in trying to regulate, policy makers were over regulating so what was expected of policy makers was to understand the technology and make regulations.
The President, NCS, Mr Muhammad Aliyu, however, appreciated the panelists while highlighting the importance of training and creating awareness of risk in the financial sector.
Aliyu also appreciated Sterling Bank immensely for sponsoring the webinar.
(NAN)