‘Nigeria needs to be truly prepared for the fight against cybercrime in 2017’
Seeing that the Federal Government of Nigeria is determined to fight cybercrime, especially with the increased use of mobile phones for personal and financial transactions, CheckPoint recently released cyber security predictions for 2017. Discussing future predictions and riding on the fact that online security predictions given by CheckPoint for 2016 came true, Rommy Okonkwo, Country Manager, Check Point Nigeria, tells JUMOKE AKIYODE how difficult it would be to tackle the menace in the coming year without preparing for it with adequate information and data to find and persecute cybercriminals
Could you tell us what CheckPoint is about?
We are a world-wide network security company; we lead the security market globally. We innovate the market right from the very inception that we went to the market. From the very moment we introduced fire world, virtually every networking organisation was in it. From the inception, we have continued to lead the security market. It is also our expectation to continue to be the leader, while others follow and they challenge us in the market.
Most of the online security predictions for 2017 made by checkpoint were about what lies ahead in terms of security for the global IT industry, can we bring this down to Nigeria and know what the country should prepare to fight for online protection in the coming year?
I can tell you that the security awareness has grown in our country today. Although it was not what it was couple of years back when I took up the responsibility as the country manager to Nigeria and West Africa. I can tell you today that the awareness has grown. People are aware of what the cyber criminals are doing out there and they are aware of the challenges that they stand to face when they do not protect their environment. Today those of us that are in the security field and those that are aware of what the trend is, think that what people see as our traditional phones are no longer what they are today, especially the smart phones. We can count how many times we use our personal computers or laptops, compared to the number of times we use our phones. What our concern is in the market is the threat that can infiltrate into organisations through the use of mobile phones. The awareness is growing especially for the CEOs and the top executives of organisations who travel a lot and connect to the public network via their mobile device, then you must ask themselves questions of how safe the information that lie in your devices are. Also how safe is it for me after connecting to a public network, or a public Wi-Fi and come back to my corporate environment? How safe is this when I connect with this, especially when my device is not connected? So for us, in 2016, it was one of the projections, both globally and our own country today because of the need for smart phones and what we do with them. Our country has grown so high and we see it double every now and then. People do more than what is expected with their mobile devices compared to what it was couple of years back. We also need to start thinking of how to make sure the corporate information that lies in that device is also protected and this is where security comes up.
In 2016, Cyber security was declared a major statutory responsibility of the present administration and the concerned government agency like National Information Technology Development Agency (NITDA) vowed to “wield its powers to ensure that the administration succeeds in achieving peaceful and secured cyber space activity”. How well do you think the government tackled the menace?
It will be our wish to partner the federal government of Nigeria to fight cyber crime. You cannot succeed in fighting crimes without really getting ready for it. There are more intelligent ways in which those fights can be won and one of them is through technology. A couple of weeks back, I read on the Nigerian daily that Nigerian government signed an agreement with a particular country in cyber security. What we are doing now is to see how to partner with government to provide security. We believe there are several areas we can add value to the government. If there is a right time to partner government on cyber security, this is about the time. We need information to persecute the cyber criminals and we need certain data to fish out the people that perpetrate this act. How can we do that if not with technology? This is actually where we have to partner them and provide some sort of consultancy to them.
What could be done to increase cyber-attack and security awareness in Nigeria?
I always look from where I was coming from five years ago when I took up the responsibility to run CheckPoint business for Nigeria and West Africa, I remember then that couple of customers that I met especially in the financial service sector, what I hear most of them call Check Point is Nokia. They will tell us they have a Nokia box but they are not using it because of things like support, response time, knowledge gap and skill gaps. It was tough for us but I was very optimistic because I knew the company I was working for. I knew we needed to fix all the gaps, like to close the gap of skills. We needed to let people also know the improvement on our response time and probably get a professional service in country to be closer to the customers. So, when we started to deal with these things, I remember then that a lot of the times, we had to go tell the customers that we want to be part of all these. The awareness has really grown, we sit in the office, get direct request from customers across the verticals, be it banking, TELCOs, manufacturing and services and small and medium businesses. We get request even from customers that we have never met before. We refer to them as prospect customers. People call us; send us emails online that they will like to have conversations with us so that we can advise them on what to do in terms of security. For us, it is a good thing for us. These are my expectations for the business. All along, I have looked up to the day CheckPoint will be an household name in the industry. This is where we are going. The only sector that we have not started to see such response from is government. It is not as if government before now was not sensitive to the challenges of security. Looking at what happened in the United States of America, the impression they gave everyone was that Russia hacked into the American system and made a mess of the result. These are the kind of feedback you will get from companies and organisations who have not taken the time to put the necessary things in place. If they do not do it, chances are that data could be compromised and your organisations could be infiltrated and once these things happen, you are likely going to lose either data or confidential documents. So, we have seen a lot of improvements, even though we are not where we should be yet. This is why our company is investing a lot in terms of publicity, direct marketing to the end customers and the partners. We do a lot of briefings with the Chief Information Security Officers. We educate them, talk to them on reasons why security should be part of their budget. For us at CheckPoint, we have tools with which we do all of these things and talk to the customers on why they should have a budget to address security issues.
Reports have revealed that Nigeria’s Financial Services industry is one of the most affected by cybercrime, in the coming year, how do you think they can scale up efforts to combat cybercrime?
Yes financial institutions are being affected by cybercrime but they are not limited to them alone. It is virtually everywhere. The TELCOS are suffering the same thing; even the government agencies are suffering the same. The financial institution seems to be where the focus is the most. That is one sector where you have people that are very much informed and you have lot of investments just to make sure they have adequate protection in place. Today in Nigeria, we have had a lot of engagement with all the banks in the country and I can tell you that the conversations have been very positive because when you talk to people who are aware of what the challenges are and what the implications will be when they are not pro-active, then you realise that the conversations will be a good one and that is what it has been for us. We speak with them on a daily basis, we do a lot of education, product concept and they take it up. When people see evidence, it makes more sense to them.
We have tools at CheckPoint where we give these visibilities to customers.
The tool we have does a scan and produces and that report tells organisations where to pay attention to in their network, so that criminals do not hack into their account. There is always a price to pay for not being pro-active. If this is not done, it could cost someone the person’s job.
The federal government may come up with a policy that says if an organisation is not protected and if there is a bridge; chances are that whoever takes care of that network is likely going to lose their jobs. We have seen this happen in other countries, bank CEOs put in their resignations simply because of issues like this.
With the rapid growth in Nigeria’s IT industry, rise of Smartphone, tablet and wearable device ownership and significant improvement in broadband internet services cybercriminals and hackers have moved to mobile and your predictions suggest that attacks on mobile will increase in 2017, how best can organisations protect themselves?
Today, the phones are not just used to take calls, what we do with our phones are a lot more. Now that applies to organisations who allow employees to get into the corporate network with their devices. This is where the challenge is. In 2017, we want to encourage our employees to access the corporate network on their personal devices. It is not just mobile phones; it could be their laptop, I-pad amongst others. When we have such organisations that open up, it saves the company money they would have spent buying new systems. What they cater for is the cost of making sure that when they get into organisations, everything about the corporate organisation is safe. Then, there is a need to have in place policies that will restrict people from doing certain things within the network. There should be policies on the applications to download and the level of things to done and a third party not having access to the documents. Every employee should read and understand the implications of such policies.
Can you please explain why checkpoint predicts that in the coming year, cyber-attacks would be spreading further into the industrial Internet of Things (IoT)?
This also has a lot to do with the growth of the internet usage. Virtually everything can be done with internet today: Online purchases, flight bookings, hotel reservations amongst others. Because these things are this way, it could mean that internet could be a means through which the criminals can reach out to so many things. Companies get compromised; the criminals no longer need to be with you to compromise things. The more people are aware of their environment and what they do in the corporate environment, the better for them. When people have adequate protections, then things will work out very well.