Directors of listed and private companies in the country have been advised to take active roles in their respective organisation’s cyber-security framework and operations.
The advice was given against the backdrop of high-profile and sophisticated online attacks on large commercial banks.
Chairman, Board of Directors of Fidelity Bank Plc, Ernest Ebi gave the counsel at the 2019 Bank Directors’ Association of Nigeria (BDAN) Conference on Cyber-security held in Lagos.
Whilst stating that organisations have become completely dependent on cyber networks to run their processes, Ebi pointed out that Boards need to understand and approach cyber-security from enterprise-wide risk perspectives rather than Information Technology (IT).
He said rapidly evolving data breaches and attacks have caused significant financial and reputation damage to many organisations. “The Board should develop expertise on cyber risk. Cyber-security must be a constant on the Board’s agenda”, he said.
President, Governing Council of BDAN, Osaretin Demuren recognised the importance of information sharing in tackling the growing menace of cybercrime. Demuren noted that sharing of relevant information among stakeholders in the financial services industry would help demystify the activities of hackers and cyber criminals.
This, she added will make them less effective in perpetuating their nefarious deeds. “Cyber security is one of the top risks that is being faced not just in the financial sector, but in all sectors of the economy.
“However the impact is more felt in the financial sector, because once you hack into one, all the others are open. So, it is very important that people are aware of cyber risk and the damage it can do to businesses”, she explained.
Emphasising the importance of the Board in an organisation’s cybersecurity posture particularly in relation to protecting shareholder value, Partner and Head of Technology Advisory Practice & Markets, KPMG, Joseph Tegbe said the board must do all it can to mitigate risk for consumers and shareholders.
Tegbe, in his keynote address, said the Boards should be held responsible and accountable for cyber breaches. “Managing cyber risk should be a Board priority. Boards must develop requisite capacity to ask the right questions from Management”, he explained.
He also advised organisations to conduct cyber-security assessment to help reduce risk, minimize breach impact, and protect against future attacks. “Building cybersecurity capabilities for banks must be strategic. We must be proactive and not reactive”, he added.
The conference themed “Cyber-security in Banks: The Role of the Board” featured a panel session with cyber-security experts, who shared their unique perspectives on how the menace of cybercrime particularly within Banks can be nipped in the bud. Some of the panelist include: Managing Director/Chief Executive Officer, Digital Jewels Limited, Adedoyin Odunfa; Founder, Computer Warehouse Group Plc, Austin Okere; Chief Strategy Officer & Cyber Risk Services Leader, Deloitte West Africa, Tope Aladenusi, among others.