Participants at the second edition of NaijaSecCon have been exposed to insights and discussions around malware analyses; cryptocurrency mining, USB forensics, digital forensics capabilities, programming and different topics around security.
Speakers at the conference held in Lagos on Friday, May 4, 2018, are of the view that lack of education on technical aspects of Information Security could hurt the economy in the nearest future.
Their unanimous views stem from the report which projects that the devastating effect of cyber-crime will cost about $6trillion by 2021.
This is from an increase of $3 trillion recorded in 2015. It is roughly estimated that about 60% of Nigerian companies suffered a form of cyber-attack during the year 2017, many of which went unreported for reasons ranging from, lack of knowledge of such happenings, apathy, fear of losing customers, job security etc.
The Founder of Inspaya, Muzudeen Kusimo, said there is a level of education required from those that would be making cybersecurity policies in Nigeria.
“This is necessary so that the policies they are making are right and effective. It is good to make policies but if they do not meet the realities on the ground, then the policies become ineffective. For you to apply these policies effectively, it means you have the right context and that is education. So there is a huge gap in terms of awareness.
“We have been having significant conversations with stakeholders both in Nigeria and the diaspora about the needs to alter the curriculum to reflect the current realities in the cyberspace.
And some of the ways to do that is to work with the universities and educationists in making sure that we introduce some of these courses. In the long run, this is going to form the core of the knowledge for cybersecurity.
“The goal is that after you finish the regular two or four years programme from the higher institutions, students will have some level of awareness that would take them to the next level. From there, they get actively involved in cybersecurity activities”.
Coming from the United States to be part of NaijaSecCon’18, Charles Nwatu, said he discovered there are a lot of talents to be harnessed in Nigeria to assist the government and corporate organisation wall off cyber traitors.
Nwatu said, “There is a lot of talent; I have seen the skills set developed. There is an issue of how to capture that talent and refine it. Structure, maturity and development, all those components are part of the experience.
As we continue to have more students come into the program to gain more experience doing the actual work within businesses and companies. Then the maturity changes over time.
“The talent is there. We need more education and refining these talents to understand the rules of engagement when it comes to cybersecurity practices. We want to ensure that we operate effectively in the cybersecurity space and not to put anyone in jeopardy.
He further called for right policies be put in place to assist the industry grow.
“The message for the entire public is cybersecurity, the talent is here. We need investments in infrastructure, maturity, housing, good policies from the government.
We just need a collective effort especially from the people, to push this course”, he said.
On his part, the Lead Convener of NaijaSecCon’18, Rotimi Akinyele said the conference was convoked to draw attention to issues around security while increasing wave of cyber crimes.
“There is something called BEC (Business Email Compromise) where you have hackers breaking into companies’ email and making transactions on behalf of the company.
Previously, it was phishing. Now, there seems to be a maturity in terms of how these crimes are committed, nowadays you have lots of people using malware and Trojans.
“As for BEC, in the recent, it was reported that Nigeria hackers break into emails making transfers. What they do is to liaise with other sophisticated criminals all over the world.
They buy most of these hacking tools from them and what they need to do is to embed this malicious code in an email and send. When the target clicks, they have access and start carrying out transactions on their behalf.
“There is also another attack known as the CEO and CFO Fraud. Hackers get access to the CEOs email and send email to the CFO asking him to make a fund transfer. This sort of attack is somehow recent and it looks like is being in the limelight for such attack”, he said.
Commenting on the competition, Akinyele said the university students were involved to participate in ethical hacking challenges.
Over ten teams qualified and participated in the hackathon with Team Phamtom emerging the overall winners. “The whole idea is to set them up in the right career path”, he said.