The President of the Africa Digital Economy Forum, Mr. Olusola Teniola, in this interview which was followed on Arise TV, spoke about the strengths and weaknesses of the country’s national cybersecurity policy and the need to raise awareness among Nigerians to cyberlaws and local content. Nosa Alekhuogie brings the extracts:
Can you give us the details of the country’s national cybersecurity policy and strategy and what are the plans for the awareness program that has been scheduled for the end of the year?
The cybersecurity policy and strategy document which was launched on February 23, 2021 by President Muhammadu Buhari in Abuja, literally said that we need to make sure that the digital infrastructure needs to be protected with plans to be introduced to protect these assets. because it is critical. As you know, we are in the process of transitioning to the digital economy, which is seen as the next frontier for Nigeria and we obviously need to make sure that the infrastructure that underpins the digital economy is secure. These structures are not only information and communication technology (ICT) structures, but they are also linked to power, the health sector, the environment and other critical systems that need to be interconnected to ensure that all difficult cyber threats are reduced and citizens are not exposed to threats as they try to manage their daily lives on the digital framework. We have a new technology being introduced, 5G for example, and this technology opens up many more areas of application services that need to be encompassed in the cybersecurity plan. Thus, the document itself highlights a strategy on how Nigeria will deal with these potential threats.
What is your assessment of Nigeria’s current exposure to cyber risk, and also what do you think of the news around the world regarding ransomware attacks against various governments and companies?
Yes, I think with Nigeria we have a situation where some of our organizations, even government organizations, are still not really connected in a coherent way so it’s kind of mixed. We have cases where business emails are compromised, and this seems to be the area that has been heavily targeted in certain segments of our company. They see that social engineering is an easy way to access some systems, but it could be in place although what we have in terms of evaluation is still below the list of those who are highly prepared, because we Obviously we have to focus on educating, raising awareness not only of the businesses that are affected, but also those that interact with our systems, so this is a work in progress. I sincerely believe that the workshop we are launching this month is actually starting to address some of the issues in terms of coordination and synchronization with the military and defense apparatus, and that will obviously spill over into another dialogue with d ‘other areas over the next three months and as you mentioned, seven areas, in fact, that we see as priorities and that we need to engage in to ensure a synchronization of how we deal with cyber threats that might emerge, and this will obviously improve preparation and assessments going forward.
How do we use local content to drive cybersecurity conversations because we cannot continue to outsource cybersecurity conversations when we have viable software developers. So how can we use local content to drive developer inclusion?
I think your question on local content is poignant, you are right. I think we have to start believing that the local talents that exist in the ICT sector and other sectors are capable of producing the kind of software, the kind of solutions and, to some extent, the frameworks that match the way we operate in Nigeria. I think that to start with obviously we have to work with foreign organizations, because we will also have to interconnect our systems with foreign systems. So actually learning from their past experiences, learning from some of the security companies that have had to deal with some of these challenges is a good point, but I think we shouldn’t stop there. We need to have knowledge transfer to local entities to ensure that we are also contributing to the booming digital economy. And then finally, I think the question around, artificial intelligence is very important. We know that artificial intelligence is currently biased, it depends on those who developed the algorithms. We, as Nigerians, must also engage in this process in order to develop our own artificial intelligence algorithm. So yes, we will continue to push local content and that is to make sure we have a Nigerian-centric structure and framework.
Cyber security is not just about preventing hacking and protecting the integrity of cyberspace. The policy also aims to promote economic activities, such as e-commerce and financial inclusion. So, isn’t there a contradiction in what your group plans to do as you start this awareness workshop?
It’s really hard to find the balance. What do I mean by this balance? On the one hand, the cybersecurity industry is about the industry. Since the 1990s, we have witnessed a phenomenal growth in computer tool developments, areas of awareness development, to the tune of hundreds of billions of dollars worth on an annual basis. So cybersecurity, as the ecosystem is vast, is growing, and the global trend is that it will only increase with the increased adoption of mobile devices, especially smart devices, and the vulnerabilities that come with it. adoption of these devices. Thus, Nigeria being the largest telecommunications market in Africa is a privileged landscape for us to contribute and also develop our cybersecurity tools and frameworks, this is a point therefore it is essentially an opportunity to generate income from of this by creating a cybersecurity ecosystem in Nigeria. The other part is really, there will always be this urge to make sure our citizens are safe online. Even, it is recognized that online abuse, especially against gender issues, children as well, and other types of crimes are on the Internet. There is a dark side of the internet that we want to try to avoid which includes hate speech, fake news etc. to ensure that those who want to continue living their lives digitally can do so in a safe environment. So there will always be that balance, as there are other platforms as well, which obviously have rules and procedures on how they engage with their communities. So this is going to be a journey to make sure that the introduction of these tools, and the way and the way Nigerians interact is done in a safe way, obviously judged by the government and by civil society going forward.
What is your position on shutting down telecommunications in Zamfara state and 13 local governments in Katsina states. Do you see it as a good mechanism to fight against banditry and terrorism in the country?
You know there are many ways to butcher a cat, and I don’t mean to go against what the security agencies have done in terms of Zamfara and maybe other states, but the industry Telecommunications follows his advice and obviously the instructions of the federal government, especially when it comes to national security. One way to deal with high crime rates, or where there are difficult issues, is obviously to cut off communication. This has always been the case before, cell phones have been introduced into society. But now that they are dependent on devices and technology, if security deems it necessary for them to really infiltrate organizations, then one of the ways to fix this is to try to break them down. prevent communicating. . I believe that in the future, better synchronization of information, intelligence information not only within the security apparatus, but also within these local communities, will improve the way and the manner in which they can actually respond. the challenges they are currently facing.
In all of these engagements that you’re going to have, will it address the planned 5G rollout, and what is the state of the spectrum in general in Nigeria, and the cybersecurity conversations around the spectrum?
In terms of infrastructure, 5G is a technology like 4G, 3G, 2G and formerly 1G. So we are addressing the current issues and, of course, the foreseeable ones. 5G is upon us and we need to make sure that its adoption is a rollout, its impact on the current cybersecurity landscape is not large to overwhelm us. As I said above, 5G will allow other services, other applications in cases, in the telecommunications space, use cases that are new. So that brings a new dimension to the current situation we find ourselves in, so yes, 5G will be considered. Spectrum has always been scarce in Nigeria, and throughout Africa in general, because obviously in Nigeria in particular we rely heavily on wireless communication and not landline communication. So yes, there will be a discussion on how we can improve the fixed line infrastructure, as well as the wireless infrastructure. Thus, the case of spectrum being a safety issue has been approached in terms of health issues. But as to how we actually use it to make sure it’s used for good rather than bad, another discussion will continue over the next three months.
Can you give more details about the awareness workshop that you are starting over the next three months. What is the structure, who are the participants, where is the location and most importantly, are cybersecurity companies in Nigeria involved in all of this?
I can tell you that we will talk about the identification of the National Critical Information Infrastructure (CNII), and we will also describe the CNII in detail and also develop plans to protect and mitigate threats against our CNII. The result is really to have a dialogue and to synergize our plans. There are different types of organizations that are trying to play in this area because it is a very dynamic space. They will probably be involved but what we didn’t want was the massive role, and that’s why we break them down into areas that we are going to focus on to try and resolve specific issues in the industry and in the event of ‘today, it’s the army and the defense so it’s quite broad I cannot name the names of those who will participate but I can assure you that the Office of National Security Adviser (ONSA) will obviously give the main point of press needed on the results after the deliberation and this is happening in Abuja.