Cyber
Warfare -
Winning the
Raging War
MOHAMMED, RAKIYA SHUAIBU
Chief Information Security Officer ( CISO) Central Bank of Nigeria , Abuja
Presented By:
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
1Opening
Shot
Agenda
Agenda
5
6
7
8 PARTING SHOT
CALL FOR ACTION
FINANCIAL SECTOR STRATEGY
NATIONAL STRATEGY5
6
7
8
1
2
3
4 KNOW YOURSELF
EVOLVING THREAT
KNOW YOUR ENEMY
LET’S GET STARTED1
2
3
4
4KNOW
YOURSELF
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
Agenda4
KNOW
YOURSELF
Let’s
Get
Started
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
SUN TZU
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
Agenda4
KNOW
YOURSELF
Let’s
Get
Started
• Regional Integration
• Diversification
• Financial Inclusion
• Population
• Infrastructure
23.13%Unemployment
2.01%GDP Growth
2.7%Employment
Growth
3XIncrease in
Electronic
Payments in the
Last 5 Years
62%Financial
Inclusion
38mRegistered
BVN Users
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
Agenda4
KNOW
YOURSELF
Let’s
Get
Started
• Interconnection
• Emerging
Technologies
• Knowledge
• Data
88%Companies
do not have
proper
access
controls
46%Websites
have high
security
vulnerabilities
95%African
Companies
not prepared
for attack
80%Organisations
to migrate to
the Cloud
2025
175Zettabyte of
Data by 2025
75BnIoT Devices
by 2025
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
1Opening
Shot
Know
Your
Enemy4
KNOW
YOURSELF
Agenda
Weaponization
of IoTs
Cyber Extortion
- Ransomware
Zero-day
Threat/
Vulnerabilities
Insider Threat
3rd Party Risk
Social
Engineering
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
1Opening
Shot
Evolving
Threat4
KNOW
YOURSELF
Agenda
Artificial Intelligence
Attack
Know your Asset
Know your stakeholders
Know your Adversaries
Know your capacity to
Prevent , Detect
Respond & Recover
2Know your
Enemy
3Evolving
Threat
Agenda 5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
1Opening
Shot
Know
YourselfAgenda
NITDA
Regulations on
Data, Cloud
SGF Standards /
Guidelines for ISMS
Anti graft
agencies of
Government
2Know your
Enemy
3Evolving
Threat
Agenda 6Financial
Sector
Strategy
7Call for
Action
8Parting
Shot
1Opening
Shot
National
Strategy4
KNOW
YOURSELF
Agenda
Cyber Security Act 2015 %National Cyber Strategy National Data RegulationNational CERT
CBN Cybersecurity framework for all Deposit Money Banks and Payment Services Providers
Committee of CISOs for the Nigeria FI has been established
Reporting Portal where CISO’s Share Information
National Electronic Fraud Forum
2Know your
Enemy
3Evolving
Threat
Agenda5National
Strategy
7Call for
Action
8Parting
Shot
1Opening
Shot
Financial
Sector
Strategy
4KNOW
YOURSELF
Agenda
IT Standard Council
Risk Sharing Centre
Awareness / User
Education
Cyber Army Training &
Retention
Situational Awareness
Background Checks,
People• Policies / Procedures
• Incident and ChangeManagement
• IT Business Continuity & Disaster
Recovery Testing
• ulnerability Management
• Cyber Drills• Information Sharing/collaboration
with other Organisations
Processes
• Traditional signature based
Security (firewalls, Anti-virus
etc.)
• Behaviour normalization
• Event correlation
• Forensics
• Internal and External Threat
Intelligence• Sandboxing
• Threat Hunting
• Data Loss Prevention
• Encryption• Multi Factor Authentication
Technology
2Know your
Enemy
3Evolving
Threat
Agenda5National
Strategy
6Financial
Sector
Strategy
8Parting
Shot
1Opening
Shot
Call
For
Action
4KNOW
YOURSELF
Agenda
• Capacity Development
• Information
Sharing/collaboration
• African Regional CERT
2Know your
Enemy
3Evolving
Threat
Agenda5National
Strategy
6Financial
Sector
Strategy
8Parting
Shot
1Opening
Shot
Call
For
Action
4KNOW
YOURSELF
Agenda
• Innovation
• Cyber Industry
• ITU Global Cybersecurity
Index
2Know your
Enemy
3Evolving
Threat
Agenda5National
Strategy
6Financial
Sector
Strategy
8Parting
Shot
1Opening
Shot
Call
For
Action
4KNOW
YOURSELF
Agenda
2Know your
Enemy
3Evolving
Threat
Agenda5National
Strategy
6Financial
Sector
Strategy
7Call for
Action
1Opening
Shot
Parting
Shot4
KNOW
YOURSELF
Agenda
“Every company has been or will be impacted by cyber risk. It is not over-hyped. If anything, it is underappreciated because the threats are
Not always well understood.”Emy DonovanGlobal Head of Cyber at AGCS
Thank you