Speakers and panelists at the ISSAN Cybersecurity Conference in Lagos, with the theme “Payment Systems Platform Security,” made the case for a strong collaboration and coordinated efforts by all stakeholders, including the government, to combat the rising wave of cyber threats in the country’s payment system platforms.
They emphasized the need of the industry having a Cyber Insurance Policy.
Dr. David Isiavwe, President of ISSAN, spoke on behalf of the organization and remarked that as the Covid-19 pandemic fades away, enterprises are now settling for a hybrid method of functioning and offering services for clients while remaining vigilant of the growing cyber danger.
Criminals are devising and implementing new forms of attacks against individuals, nation governments, and corporate organisations, he said, emphasizing that cyber security gatekeepers are not immune, since big quantities of money are normally at stake in every successful attack.
“What we see on the horizon,” he says, “is that Business Email Compromise (BEC) assaults are growing alarming, and ransomware attacks are not slowing down.” Phishing and password-targeted assaults are becoming more common. Attacks that cause a denial of service (DoS) or a distributed denial of service (DDoS) are on the rise. The loss is enormous on a worldwide scale. Nigeria is likely to take the lead in Africa in terms of estimated losses due to our size. As a result, there is an immediate need to develop ways to make payment system platforms safer,” he stated.
Dr. Isiavwe, who is also the General Manager of Ecobank Nigeria, stressed the importance of banks and organizations being proactive, keeping customers informed about new cyber threats and trends, automating and continuously monitoring their systems and infrastructure, and putting a high value on artificial intelligence, machine learning, robotics, and data analytics.
Musa Jimoh, Director, Central Bank of Nigeria (CBN) Payment System Management Department, praised ISSAN’s efforts to create a safer and more secure payment ecosystem in his keynote address, stressing that the apex bank is committed to initiatives that promote and enhance payment system security to combat cyber fraud in the country’s financial system.
He argued that the banking sector cannot afford to fail because the payment system is critical to any economic system’s operation.
“Data security is vital for clients and a tool for financial inclusion,” he claims. Banks are the trusted custodians of their customers’ information and should put in place systems to avoid data breaches and theft. Customers’ credentials should not be compromised because this would enable cyber thieves access to scam them.”
According to Jimoh, the entry of Fintechs into the financial landscape has increased competition, and that “all responsible officers in charge of information security in organizations should keep track and always check and see that the right things are done for the entities that are allowed to connect to their infrastructure.” To avoid terrorism financing and money laundering, banks should address infrastructure deficiencies, ensure operational resilience, implement second or multi-factor authorization, ensure banking payment infrastructure is formidable, address privacy violations, use end-to-end encryption to protect stored data, and follow KYC provisions.
Dr. Jameela Ayedun, Managing Director, CreditRegistry Plc, recommended a collaborative approach by banks, the Central Bank of Nigeria (CBN), and government agencies such as the National Identity Management Commission (NIMC), Nigerian Communications Commission (NCC), Nigeria Inter-Bank Settlement System (NIBSS), and others to improve cyber security in her technical presentation.
“All of us are responsible for cyber security,” she claims. We must defend our payment systems and not leave anything to chance because cyber thieves are still on the loose. We must educate our customers and not suffer in silence. Basic requirements must be met by payment service providers. In this sense, the government must also play a role. Our payment systems should prioritize privacy and security.”
Emmanuel Obinne, Head, Growth and Partnership – West Africa, BPC Technologies, also observed that cyber frauds transcend countries and boundaries in his technical presentation titled: Anatomy of the New Fraudsters – A Nigeria Perspective. He described many forms of frauds and asked that appropriate cyber laws be enacted to combat cybercrime.
“Fraud management is a process, not a goal,” he says. To prosecute cyber offenders, appropriate legislation should be in place. To avoid becoming vulnerable, businesses should continuously upgrade their payment systems and security. The authorization and authentication of transactions will be accelerated as a result of this. It is also necessary to use a second factor authorization to prevent fraud. Customers must be informed on a regular basis in order to increase their trust in the payment system.”
Yinka Tiamiyu, Chairman, Association of Chief Audit Executives of Banks in Nigeria (ACAEBIN); Ighoakpo Eduje, Chief Information Security Officer, Heritage Bank; and Basil Udotai, Managing Partner, Technology Advisors LLP, are among the other panelists at the hybrid summit, in addition to Dr. David Isiavwe. FBN Holdings’ Head of Internal Audit, Dr. Bode Oguntoke, mediated the discussion.