‘Nigeria needs to take proactive measures to combat cyber fraud’
After courageously switching careers from an oil and gas analyst to a cybersecurity professional, Mojisola Oyedele, encourages aspiring career changers to embrace the challenges and opportunities in cybersecurity. She tells Vanessa Obioha the hurdles she faced during her transition and emphasizes the importance of proactive measures to combat cyber fraud in Nigeria.
What specific aspects of your role in the oil and gas industry left you unsatisfied, prompting the decision to explore new opportunities?
In the oil and gas sector, my role was stable but quite rigid. I desired a career where fresh ideas were part of the daily grind and where I could actively participate in innovative problem-solving. Transitioning to the tech industry, particularly cybersecurity, reignited my passion for learning and allowed me to be at the forefront of developing solutions. This shift not only satisfied my appetite for dynamic work but also put me in the driver’s seat for creating impactful, tech-driven solutions that keep evolving with the industry’s needs. It’s this continuous loop of learning, creating, and adapting that keeps my career journey exciting and fulfilling.
Can you elaborate on the specific challenges you faced during the industry crisis while exploring new roles within the oil and gas sector?
As an oil and gas analyst during the industry crisis, I felt the impact of the sector’s hiring freeze directly. With companies focusing on survival rather than expansion, the possibility of growth within the industry dwindled, particularly those downstream. This period, however, became a catalyst for change. It forced me to reassess my career trajectory and consider pivoting to another industry where my skill sets could be equally valuable. It was this search that led me to explore cybersecurity.
Can you provide concrete examples of how your skills in business strategy and optimization, honed in the oil and gas sector, directly translated into your role in cybersecurity
When I began my transition from the oil and gas industry to cybersecurity, I found a world where my skills in strategic planning and risk management weren’t just applicable—they were necessary. In cybersecurity, these abilities come alive, supporting teams in building and executing robust strategies to shield data and systems from digital threats. For example, in my first role as a Vulnerability Analyst, my background in project management directly fed into identifying weak spots, and ensuring they’re addressed promptly.
My process-driven skills found a new purpose in cybersecurity. I often correlate data from diverse sources, similar to managing complex systems or designing user-friendly data visualizations that draw on principles of clear communication and user experience.
I believe that skill sets have been ‘retooled’ to fortify my firm’s cybersecurity’s multifaceted challenges. I now find my role meaningful and solution-driven work.
With the growing awareness of cybersecurity in Nigeria, what unique challenges did you encounter transitioning from the oil and gas industry, and what strategies did you employ to navigate these challenges successfully?
Transitioning to cybersecurity from oil and gas brought its challenges. My previous role involved meticulous risk management and adherence to strict regulations, which laid a solid groundwork for tackling cybersecurity concerns. In my new roles, my focus shifted to digital threats, paralleling my prior experience in safeguarding physical assets. I applied my analytical skills to cyber vulnerabilities, harnessing skills that were surprisingly relevant in this sector. Strategically, I honed my competencies in the cybersecurity language, allowing me to contribute effectively to an organisation’s digital safety, opening pathways to roles like Cyber Security/ Vulnerability Analyst and now Cloud security engineer. This journey proved the adaptability of my skill set and the importance of a strategic pivot.
Given the prevalence of upskilling through social media, especially in technology fields, do you believe it is a suitable approach, and what considerations should individuals keep in mind when pursuing this path?
In today’s technology-driven world, leveraging social media for upskilling, particularly in fields like cybersecurity, is a highly effective approach. Aspiring tech professionals can use platforms like LinkedIn to showcase their ability to solve industry-specific problems. The cybersecurity community thrives on shared knowledge, so presenting a portfolio of practical projects on social media can significantly enhance job prospects.
For those pivoting into tech, it’s crucial to demonstrate hands-on problem-solving skills. Platforms like GitHub allow individuals to share their projects and contributions, offering recruiters a tangible view of their capabilities. An active presence on such sites, along with a detailed portfolio on professional networking sites, can make a substantial difference in the job hunting process, especially given the global shortage in cybersecurity and cloud security roles.
Individuals should focus on building a comprehensive portfolio that reflects their skills and projects, showcasing their active involvement in the community. This not only displays their technical skills but also their commitment to continuous learning and contributing to the field. In summary, using social media and project-sharing platforms for upskilling and networking is a recommended strategy for anyone looking to advance in the tech industry, particularly in cybersecurity.
What aspects of cybersecurity do you find most intriguing and have kept you engaged in the field?
The most fascinating aspect of cybersecurity for me is the relentless evolution of cyber threats and the corresponding need for an innovative defence mechanism, especially in the wake of increased geopolitical tensions post-Russia’s invasion of Ukraine. It’s an ever-changing ‘battlefield’ that requires a blend of technical savvy, strategic thinking, and ethical consideration, especially as artificial intelligence becomes more integrated into security solutions. The dynamic nature of cybersecurity is intellectually engaging, offering a challenging environment where many professionals must be proactive and forward-thinking to stay ahead of sophisticated cybercriminals.
Could you identify the most prevalent type of cybersecurity threat and provide insights into effective strategies for overcoming it?
The most prevalent cybersecurity threat today is phishing. It manipulates individuals into providing sensitive data by masquerading as a trustworthy entity via electronic communication. To counter this threat, organisations must adopt a multi-layered defence strategy.
Firstly, educating employees is paramount. Conducting regular and updated training sessions to identify and respond to suspicious emails can significantly reduce the risk of successful phishing attempts. Interactive workshops that simulate phishing scenarios can be particularly effective.
Implementing advanced email filtering solutions that can detect and block phishing attempts before they reach the user is essential. These solutions often use machine learning algorithms to analyze email content, metadata, and sending patterns, flagging potential threats.
Fostering a culture of security awareness is critical. This involves regular communication about the importance of cybersecurity, sharing updates about recent phishing tactics, and encouraging a healthy skepticism about unsolicited communications.
Finally, regular simulated phishing exercises can help in keeping the team vigilant. These simulations provide practical experience in spotting phishing attempts and can help in identifying areas where additional training might be needed.
Additionally, organizations should consider implementing two-factor authentication (2FA) and ensuring that sensitive data is only accessible through secure and authenticated channels.
Given the prevalence of cyber fraud in Nigeria, what proactive measures do you recommend for both financial institutions and individuals to safeguard against falling victim to such schemes?
To fortify against cyber fraud in Nigeria, a proactive stance is imperative. Financial institutions must harness cutting-edge cybersecurity measures, continually refining them to thwart evolving threats. Concurrently, ongoing staff training to recognize and tackle cyber incursions is vital. A vigilant monitoring system to swiftly detect and address security incidents is also crucial. Moreover, educating customers on digital safety is fundamental in bolstering communal defences.
For individuals, staying informed about cyber threats, employing complex passwords, regularly updating software, and sharing personal details judiciously online are all key practices to safeguard against cyber fraud. It’s about cultivating a culture of cyber mindfulness to build a resilient digital defence.
As a woman in a traditionally male-dominated field, what strategies have you found effective in promoting diversity and encouraging more women to pursue cybersecurity careers?
Promoting diversity in cybersecurity, especially for women in this male-dominated field, hinges on highlighting the existing gender gap and showcasing the opportunities for growth and contributions, the approach should be holistic, blending skills development with a culture that acknowledges and values the unique contributions women can make to the cybersecurity field. Some key strategies I have witnessed to be most beneficial to women include:
i. Highlighting Initiatives and Support Systems: Emphasize educational and training programs, mentorship opportunities, and networking platforms designed specifically for women. These resources play a pivotal role in building confidence and skills.
ii. Valuing Diverse Perspectives: Stress the importance of diverse viewpoints in cybersecurity. Encourage the appreciation of the multifaceted nature of cybersecurity roles which encompass technical, strategic, and creative thinking.
iii. Redefining Recruitment Practices: Challenge traditional hiring processes by emphasizing the importance of unique perspectives and transferable skills, rather than focusing solely on technical experience.
iv. Fostering Community Engagement: Encourage active participation in professional networks and industry events to support women transitioning into cybersecurity roles.
