The Inspector General of Police (IGP), Kayode Egbetokun, has counselled financial sector and business owners over the growing sophistication of cyber threat and consequent attacks on their databases and businesses.
The IGP, who spoke at the weekend through the Chief Superintendent of Police (CSP), Bashir Abdullahi, at the Moniepoint Staff Retreat in Abuja, also urged the financial sector and business owners to take proactive steps in the protection of their databases and be ahead of potential hackers.
Egbetokun also listed safety tips in combating cybercrime and fraud related issues in the financial sector.
Presenting the safety tips on behalf of the IGP, Abdullahi, who is also the Assistant Director Forensic, Nigeria Police Force National Cybercrime Centre, NPF-NCC, said there was the need for the stakeholders to know the impact of technology in the financial sector.
He said, “As technology transforms the financial landscape, it introduces unprecedented opportunities and challenges. The digitalisation of financial transactions has streamlined processes, but also opened avenues for cyber threats. Cyber attacks are evolving in complexity and frequency.”
He also spoke on the financial sector vulnerability, saying that the development has led to digitisation of financial transactions and centralised storage of sensitive customer information.
Abdullahi noted that cyber security is important for the financial sector to protect their customers data and ensure their trust.
He added that the financial sector and business owners must safeguard their financial assets and stability and prevent financial losses.
Speaking on the growing threat of cybercrime, CSP Abdullahi mentioned the cyber threat landscape and listed types of cyber threats to include phishing attacks, ransomware, DDOS attacks and insider threats. He further advised the stakeholders in the financial sector to know their enemies, saying that the common tactics used by cyber criminals are social engineering, malware and exploiting vulnerabilities
Regarding transaction vulnerabilities, Abdullahi said the stakeholders in the financial sector must identify the weak points in financial processes and take note of regulatory challenges by balancing innovation with compliance.
On why financial sector is a prime suspect, Abdullahi disclosed that the goldmine for cyber criminals is data, saying that valuable financial data remains personal information and transaction history.
Speaking on building a fortified defence, Abdullahi urge the stakeholders to invest in robust network security with strong firewalls, intrusion detection systems, and encryption protocols.
On human firewall, he said: “Employees are often the first line of defence. Training programs should be implemented to educate staff on threats and best practices, identifying and reporting suspicious emails, including clear communication channels.”
He further spoke on promoting a cyber security culture, saying that the development will foster a sense of responsibility among employees. Abdullahi also dwelled on cross-functional collaboration involving the IT, legal, and management in cyber security, saying that the reporting and incident response procedures will establish a clear protocol for reporting incidents.
On collaborative cyber security culture, Abdullahi said collaboration with industry peers, law enforcement agencies, and cyber security organisations is essential.
Regarding the navigating the compliance maze, Abdullahi said compliance with regulations and standards is compulsory.
He said: “Financial institutions are subject to various regulations and standards, such as Nigeria Data Protection Act (NDPA), Gramm-Leach-Bliley Act (GLBA), and Payment Card Industry Data Security Standard (PCI-DSS), which require them to implement specific security controls to protect their information assets.
“Failure to comply with these regulations can result in significant financial penalties and legal liabilities, including reputational risks. In conclusion, safeguarding the financial sector against cybercrime and fraud requires a comprehensive and proactive approach.
“Financial institutions must prioritise employee education, technological fortification, customer awareness, and collaboration to build a resilient defence against the ever-evolving landscape of digital threats. Continuous adaptation to emerging risks and adherence to best practices will be crucial in maintaining the integrity and security of financial operations.”