Odeyemi: We Don’t Have Enough Cyber Security Experts in Nigeria

0

Senior Partner, e86 Limited, a software development company, speaks on how the company has been bridging the skill gap through training. Adedayo Akinwale presents the excerpts

What exactly is your company into?

We started out with the primary motive of providing quality software services in Nigeria. Over the years, we have successfully built off-the-shelf software products and also built custom software products for individuals and businesses across the country. Due to the gaps in skills that we identified in the market while building these products, especially software development and engineering skills, we decided to invest in training. This explains why we have a lot of computer programming courses. We have spent less time and money advertising our courses; we have populated most of our classes based on referrals and word of mouth. Word on the street is that e86 is currently the most reliable place to learn how to code and how to become a professional in IT, especially if you’re the type that would like to put to use what you learn immediately.

How long have you been doing this?

Personally, I have been in the industry as a professional for 16 years, thank God for smart parents who saw the future when it wasn’t so clear. While waiting to get into the university after my secondary school education, my parents agreed to put me through software engineering training for two years, it seemed like something to do to while away time at that time, friends and family thought it was a waste of money, time or an attempt to replace university education. I became a Certified Java Programmer in 2005 at the age of 19, which gave me all the confidence I needed to grow within the industry. It is with the same skills I acquired that I paid myself through school and I’ve been doing life. e86 is also one of the proceeds of the skills acquired and the growth experienced. e86 was founded in 2012 to enable us do more for Nigeria and Africa.

What is the missions and vision of your organisation?

Our vision at e86 is simple; we want to be the most efficient and reliable technology gateway in Africa. To fulfill that vision, we are set on a mission to do the following: To build sustainable and scalable products that solve the most daunting problems across Africa; To provide efficient technological services in all walks of life; To build competent human capacity in technology, for Africa, by Africans.

How does one become a professional in cyber security?

The growth of the Internet and technology in general has given us so many opportunities that didn’t exist 20 years ago. These opportunities have helped the human race to build new businesses, modernize old ones and model new ways of living. Just like life itself, there are always upsides and downsides. Let’s take the internet/mobile banking as an example. It has made transactions a lot easier; customers can now send money and complete other financial transactions without entering a physical bank. As good as this sounds, there are people whose motive/job is to look for the weak points in these financial systems and try to use it to their own selfish advantage.

As we popularly say in the tech space, there is no technology platform that is 100% secure, the more valuable a platform is, the more attacks it will experience. So far, humans are still the weakest links in technology. A successful cyber security breach could be due to a bad setup/configuration, bad programming decisions or untrained company staff.

I mentioned untrained company staff because no matter how secure your technology infrastructure is; it is people that will use and manage it. One of the most successful hacking techniques in the world today is called Social Engineering, in-fact, a very good hacker must be good at social engineering and successful hacking campaigns begin with social engineering.

The staff of a company could be contacted over the phone or by email and asked seemingly innocent questions. I’m am sure you have received one of those phone calls from strangers pretending to be agents of your bank trying to get you to give out your bank/card details. The intelligent ones spend most of their time researching about you before placing a call through.

Also, very close to this is the Phishing attack. This is also a social engineering attack where the target is sent a mail or text with links to click on. I’m very sure you have also received one of those emails telling you your account will be suspended if you don’t click on a link to take immediate action. Once a target clicks on such links, what will follow could be unimaginable. They may be able to steal your data, including login credentials and credit card numbers or even take over the operations of your device or technology infrastructure.

This is why we at e86 have taken time to properly structure our cyber security curriculum. Our cyber security program prepares participants for industry relevant cyber security examinations and also prepares them for the ever-changing technology-working environment. To become a professional, simply register for any of our cyber security programs, we will support you from the point of registration till you pass all your professional exams.

Is the training on cyber security strictly for those in computer science related field?

Absolutely not! Cyber security is for everyone. As our lives revolve more and more around tech, cyber security awareness and competence becomes a requirement for daily living.

At e86, we have carefully structured our cyber security curriculum into the following categories: Cyber Security for users – This is for the general public. You do not require a background in computer science or technology to join this training. Based on what we have heard from former participants, it is an eye opener and the training has raised their awareness about computing systems and how they interconnect, threats and vulnerabilities, especially social engineering.

Cyber Security for leaders, managers and business owners – This curriculum is specially crafted for decision makers. Apart from going through the same modules that ordinary users go through, we also focus on cyber security governance and industry standards and how these things should affect the cyber security policies of their organizations.

Cyber Security for Professionals: This curriculum combines everything under the 2 previous curriculums but goes deeper into the technicality of things. This curriculum leaves no stone unturned as participants are taken through the 360-degree view of Cyber Security.

Cyber Security University Degree (B.Sc.) – This curriculum includes everything we have stated above but additionally, it leads to an international university degree in Cyber Security. This is made possible based on our partnership with NCC UK, and it allows candidates to spend 12-18 months with us in Nigeria after which they proceed to a university in the UK, US, Canada, Australia or New Zealand for top up, after which they are awarded a degree.

How does one protect his company from cyber-attack?

It starts by getting decision makers of the organisation trained. Most leaders simply go ahead to hire cyber security professionals without first understanding it themselves.

This often leads to low funding for cyber security and unguided organisational policies, which leads to frustrations for everyone involved, and most likely a breach.

A well-trained senior management team will be able to provide appropriate oversight and will help guide the organization towards designing what their cyber security policy would be. It is based on an affective policy; tailor made for the organization that other IT and non-IT staff members will be trained. It is also based on this policy that a team will be setup to handle the technicalities of securing their infrastructure.
Your people should always be your first line of defense against cyber security. No matter how many billions of dollars you spend on your firewalls, and related technologies, an untrained staff can give out details of all your internal technology infrastructures via a single email or phone call.

In what ways can this improve the country’s economy?

In 2019, a report published by Serianu stated that Nigeria lost $649 million to cyber security attacks. If we look away from the money lost, there are also issues surrounding credibility and trust, especially for government and businesses. Quality training, not only in cyber security, but also in other aspects of technology will help boost our internal competence, increase innovation and secure our infrastructures against attacks.

Especially considering what formal public university education looks like at the moment, providing quality alternatives, especially as vocational options will reduce unemployment and boost economic returns.

At the rate at which technology is growing, every organisation in Nigeria requires at least one cyber security professional; this ultimately means we do not have enough hands within Nigeria at the moment.