Nigerian banks lost N40bn to cybercrimes in 2013, the Central Bank of Nigeria disclosed on Wednesday.
The Chief Information Security Officer, CBN, Mr. Taiwo Longe, made this disclosure at the first National Cyber Security Forum in Lagos. The forum was organised by the Office of the National Security Adviser.
Speaking on the topic: ‘Ensuring information security assurance through policy framework’, Longe said cyber security had become an issue that the central bank was taking with all seriousness and thoroughness, especially in the cash-less economy regime.
He said the cash-less scheme would go live nationwide next month, adding that the CBN was not unaware of the need to collaborate with various stakeholders to ensure that banks and other players in the financial services sector ensured maximum information security.
According to him, information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data takes, whether electronic, print, or otherwise.
Longe said, “Financial institutions, hospitals, telecommunication corporations and private businesses etc amass a great deal of confidential information about their customers, employees, products, research findings and financial status, among others.
“As such, there is a need for maximum security of this information that is collected, processed and stored on computers and transmitted across computer networks.
“When any of the confidentiality, integrity and availability of data is impacted, security is said to have been breached. There are various threats to information security. Some are very dangerous and disruptive; others are just a nuisance.”
The CBN chief information security officer noted that the fight against cybercrimes and other threats to information security could only be won through a robust information security policy framework.
He said that the CBN had engaged the banks to comply with some basic currently global security standards in the management and security of customer information.
Longe also said that the central bank had ensured compliance with such standards itself.
“While there are a number of international security standards that organisations are to comply with, some of which are sector, specific, the CBN has directed all Nigerians banks and other payment-switching companies to comply with the PCIDSS. Non-compliance is also attracting sanctions,” he said.
In another development, he said the market value of global cybercrime had reached $288bn.
Longe said the rising wave of cybercrime globally was alarming “and it is on that basis that the United Nations released the damning figures recently.”
“It is about to displace the drug trafficking market, which is worth $411bn. If anything, this alarming figure has only proven to us that we are in for a serious issue and that is the reason we will need to combat this challenge head on in Nigeria,” he added.
In his address, an official of the Department of Cybersecurity, Office of the National Security Adviser, Mr. Magaji Aliyu, said in view of the challenges of cybersecurity in Nigeria, the NSA had been on the forefront of ensuring an all inclusive legislative discourse on the cybercrime bill.
Aliyu said, “In continuation of measures towards safeguarding the nation’s presence in cyberspace, while ensuring the protection of national critical information infrastructure, the ONSA, in partnership with the Ministry of Communication Technology and Federal Ministry of Justice, among others, has agreed to host this summit.
“The general objective is to secure cooperation, understanding and the support of other critical government agencies, which will help in streamlining the disjointed policy document as well as achieving a coherent and all-inclusive strategy in which all other similar cybersecurity undertaken in the country will be infused into the overall framework of the National Cybersecurity Policy.”
The National Security Adviser, Mr. Sambo Dasuki, had earlier stated that the forum was informed by the need to address cybercrime, which had become a national security issue.