President, Africa Digital Economy Forum, Mr. Olusola Teniola in this interview that was monitored on Arise TV, spoke on the strengths and weaknesses of the country’s National Cybersecurity Policy, and the need to sensitise Nigerians about cyber laws, and local content. Nosa Alekhuogie brings the Excerpts:
Can you take us through the details of the country’s National Cybersecurity Policy and Strategy and what the plans are with regard to the sensitisation programme that has been planned to hold later this year?
The Cybersecurity policy and strategy document that was launched on the 23rd of February 2021 by President Muhammadu Buhari in Abuja, literally stated that we needed to ensure that digital infrastructure needs to be protected with plans to be introduced to protect those assets because that is critical. As you know, we are transitioning into the digital economy, which is viewed as the next frontier for Nigeria and we obviously need to ensure that the infrastructures that are underpinning digital economy are secured. These structures are not only Information and Communications Technology (ICT) structures but they are also relating to power, the health sector, the environment and other critical systems that need to be inter worked to ensure that any difficult cyber threats are curtailed and have citizens that are not exposed to threats as they try to transact their daily living on the digital frame work. We have new technology being introduced, 5G for instance, and that technology opens up a lot more areas of application services that need to be encompassed with cybersecurity plan. So, the document itself highlights a strategy of how Nigeria will address these potential threats.
What’s your assessment of Nigeria’s current cyber risk exposure, and also what do you make of news around the world of ransomware attacks against various governments and corporations?
Yes, I think, with Nigeria, we have a situation where some of our organisations, even government organisations are still not really connected in a coherent manner so it’s rather mixed. We do have incidences where business emails are compromised, and that seems to be the area that has been targeted heavily in certain segments of our society. They see that social engineering is an easy way of actually accessing certain systems but then, that might be in place though what we have in terms of assessment was still lower than the list of those that are heavily prepared, because obviously we need to focus on educating, create an awareness across not only those businesses that are impacted but those that interact with our systems so it is a work in progress. I truly believe that the workshop that we are kicking off this month actually starts to address some of the issues in terms of co-ordination and synchronisation with the defense and military apparatus, and then that obviously will spill over to another dialogue with other sectors over the next three months and as you mentioned, seven sectors, actually, that we see as priority that we need to actually engage to ensure that there’s synchronization of how we address the cyber threats that might appear, and obviously that will improve readiness and assessments, going forward.
How do we use local content to drive Cybersecurity conversations because we can’t keep outsourcing cybersecurity conversations when we have viable software developers. So how can we use local content to drive inclusion for developers?
I think that your question around local content is a poignant one, you’re right. I think that we have to start to trust that local talents that exists in the ICT sector and other sectors are able to produce the type of software, the type of solutions and to a certain degree, the frameworks that are in line with the way we operate in Nigeria. I think as a starting point, we do obviously need to work with foreign organisations because we will have to interconnect our systems to foreign systems as well. So, actually, learning from their past experiences, learning from some of the security firms out there that have had to deal with some of these challenges is a good point, but I think we shouldn’t end there. We need to have the transfer of knowledge to local entities to ensure that we are also contributing to the burgeoning digital economy. And then finally, I think that the issue around, artificial intelligence is very important. We know that at the moment artificial intelligence is biased, it depends on those that have developed the algorithms. We need to as Nigerians, also engage in that process so that we develop our own artificial intelligence algorithm. So yes, we will continue to push the local content part and that’s to ensure that we have a structure and a framework that is Nigerian centric.
Cybersecurity is not just about preventing hacking and the integrity of the cyber space. The policy is also meant to promote economic activities, such as e-commerce, and financial inclusion. So, isn’t there a contradiction in what your group plans to do, as you begin this your sensitization workshop?
It’s really difficult to get the balancing act. What do I mean by this balancing act? On the one hand, the cybersecurity industry is about the industry. Since the 1990s, we’ve seen tremendous growth in the cyber tools developments, the awareness development areas, to the tune of hundreds of billions of dollars that is worth on a per annum basis . So the cyber security, as the ecosystem is large, is growing, and the global trend is that it will only increase with the further adoption of mobile devices especially smart devices, and vulnerabilities that comes along with adopting those devices. So, Nigeria being the largest telecommunications market in Africa is a prime landscape for us to also contribute and develop our cybersecurity tools and frameworks, that’s one point so it is essentially an opportunity to generate revenue from that by creating a cybersecurity ecosystem in Nigeria. The other part really is, there is always going to be this urge to ensure that our citizens are safe online. Even, there’s a recognition that online abuse, especially towards gender issues, children as well, and other types of crimes are on the internet. There’s a dark side of the internet that we want to try and avoid and that includes hate speech, fake news, etc, as technology develops as we go forward so we need to have a framework as well to restrict the bad side of the internet, to ensure that those that want to continue to live their lives digitally are able to do it in a safe environment. So there’s always going to be this balance, because there are other platforms as well, that obviously have rules and procedures as how they engage with their communities. So, this is going to be a journey to ensure that the introduction of these tools, and the way and manner that Nigerians interact is done in a safe manner, deemed by government obviously and civic society going forward.
What’s your position on the telecom shutdown in Zamfara State and 13 Local Governments in Katsina states. Do you see it as a good mechanism for combating banditry and terrorism in the country?
You know there are many ways to skin a cat, and I don’t want to go against what the security agencies have done in terms of Zamfara and maybe other states but the telecoms industry takes its guidance and obviously instructions from the federal government, especially when it concerns national security. One way of actually addressing high rates of crime, or where there’s challenging issues is to obviously break communication. That has always been the case before, mobile phones were introduced into the society. But now that they are reliant on the devices and the technology, if the security deems it fit that they need to actually infiltrate with the organisations, then, one of the ways to address it, is to try and disconnect them from being able to communicate. I think going forward, improved synchronisation of information, intelligence information across not only within the security apparatus but those local communities will improve the way and manner they can actually address the challenges that they’re currently facing right now.
In all of these engagements that you are going to be having, will it address the planned 5G rollout, and what is the state of spectrum in general in Nigeria, and cyber security conversations around spectrum?
In terms of the infrastructure, 5G is a technology just like 4G, 3G, 2G and in the past 1G. So we are addressing the current issues, and obviously, addressing the foreseeable issues. 5G is at our doorsteps and we need to ensure that its adoption is deployment, its impact on the current cyber security landscape isn’t significant to overwhelm us. As I said earlier, 5G will enable other services, other applications in cases, in terms of the telecommunication space, use cases that are new. So it brings a new dimension to the current situation we find ourselves in, so yes, 5G will be considered. Spectrum has always been a scarce in Nigeria, and across Africa in general because, obviously, in Nigeria in particular, we rely heavily on wireless communication and not fixed line communication. So yes there will be a discussion around how we can improve on the fixed line infrastructure, as well as the wireless infrastructure. So, the case of spectrum being a security issue has been addressed in terms of health issues. But in terms of how we actually utilise it to ensure that it’s used for good, rather than bad will be another discussion going forward over the next three months.
Can you give more details about the sensitisation workshop you are starting over the next three months. What is the structure, who are the participants, where is the location and more importantly, are cybersecurity companies in Nigeria involved in all of these?
I can tell you that we will be talking about identifying Critical National Information Infrastructure, (CNII), and we will also be describing fully, the CNII and also drawing out plans to protect and mitigates threats against our CNII. The outcome really is to have a dialogue and synergize our plans. There are various types of organisations who are trying to play in this field as it’s a very dynamic space. They will probably be involved but what we didn’t want, is the massive role, and that is why we are breaking them down into sectors that we will focus on to try and address specific issues in the sector and in the case of today, it’s the military and defense so it’s pretty wide I can’t mention names of those that will be participating but I can assure you that the Office of National Security Adviser (ONSA) will obviously give the major necessary press brief as to the outcomes after the deliberation and it’s happening in Abuja.
