Cyber security must receive sufficient board level and government support


With our society becoming more dependent on technology and digital interconnectivity, cybercrime poses a whole new set of threats, risks and dangers to individuals, businesses and the society at large.

As part of efforts to combat this growing problem, there is an urgent need for board level support for the development and implementation of the right framework for preventing and combating cyber risks. This was elucidated by Atul Gupta (KPMG Global Cyber Security Lead, High Growth Markets) at the ‘2017 KPMG Africa Cyber Security Conference’ held at the Eko Hotels and Suites in Lagos.

According to Mr. Gupta, “a key imperative from the board governance perspective should be the identification of critical assets and the development of a plan for protecting them. It is also important to have a proactive approach for identifying new cyber threats and risks”.

The KPMG Africa Cyber Security Conference, themed ‘Security and Resilience in a Digital World’, was attended by hundreds of cyber security enthusiasts and representatives from different sectors. Speakers and panelists included leading cyber security experts from several countries including Nigeria, Ghana, Kenya, South Africa, India and Israel.

The conference presented an interactive forum for stakeholders to discuss the increasing risk and occurrence of cyber threats; and provided an opportunity for them to share their recommendations for individuals and companies to stay a step ahead of cyber threats by implementing the right cyber defense framework.

Presentations and panel discussions at the forum centered on important cyber security topics such as ‘Cyber in the Boardroom: Helping Boards Meet Their Responsibilities Regarding Cyber Security & Resilience’ and ‘Addressing the Skills Gap in Cyber Security’. There were also demo sessions by leading cyber security solution vendors, including SailPoint, CyberArk, Minereye, Microsoft, CheckPoint, and TrapX.

In his welcome address, Joseph Tegbe (Partner & Head, Technology Advisory & Markets, KPMG in Nigeria and Lead, Africa Cyber Security) explained that KPMG considered it imperative to hold this conference to bring to the fore increasing cyber risks that individuals and organizations are exposed to in an expanding digital frontier and economic space.

He also stressed the important role that   governments, company boards and management should play in bridging the skills gaps in the cyber security space.

In particular, he was keen to assert the importance of elevating the subject to be considered as a business risk rather than limiting it as a technology play.

Delivering the event’s keynote address, Dr. Kate Getao, ICT Secretary in the Ministry of Information Communication and Technology of Kenya, observed that African governments are already faced with the task of governing key social interactions, personally identifiable information (PII) and financial transactions which are mostly digital.

She also stressed the need for governments in Africa to study and conduct research on Cyber Security and its influence on society whiles building capacity in this space to be adequately equipped to oversee the increasing digital landscape.

Other notable speakers, moderators and panelists at the Conference included Andy Akoto (Partner and Head of Risk Consulting, KPMG in Ghana), Sam Aluko (Senior Manager, IT Advisory, KPMG in Ghana), Sylvester Apedoe (Head of Information Technology, Universal Merchant Bank, Ghana), Senyo Hadzor (Network Information Security Specialist, Vodafone, Ghana), Rakiya Mohammed (Chief Information Security Officer, Central Bank of Nigeria), Bharat Soni (CISO & Group Head, Information Security Group, GTB Plc., Nigeria), Chidinma Iwe (Chief Information Security Officer, MainOne), Peter Hunter (Territory Manager, Africa, SailPoint Technologies), Itay Kozuch (Lead, Cyber Defense Services, KPMG in Israel) and Isa Ali Ibrahim (DG, National Information Technology Development Agency, Nigeria).

Victor Onyenkpa (COO of KPMG in Nigeria) launched the 2017 KPMG Africa Cyber Security Publication titled, ‘Security and Resilience in a Digital World”. The publication examines major cyber security topics including emerging trends, government perspectives, board and management responsibilities and ways to address the skills gap in the cyber security space.

During the 2nd Panel Session (“Driving effective resilience & response to emerging cyber-threats”), Andy Akoto posited that Cyber security is not only about protection against attacks but also effective response. According to him, an established plan of action that immediately executes following a security breach is crucial to limit incident costs and damages to the company’s reputation.

As a highlight of the conference, John Anyanwu (Associate Director, Technology Advisory, KPMG in Nigeria) led the audience through the ‘Cyber Incident Response Game’, a live simulation of a typical cyber security attack (Ransomeware) and response scenario by a Bank. The game was designed by KPMG to show the speed and complexity of real world situations, providing an interactive user experience where the most popular decisions by the audience determined the sequence of the game.

Summarizing key learnings from the live cyber game, John Anyanwu noted the importance of effective collaboration within organizations as key to enhancing cyber incident response. According to him, it also highlighted the need for management to be educated on managing security incidents as well as the importance of robust information security awareness and resilient data storage systems


Leave a Reply