Cyber

Warfare -

Winning the

Raging War

MOHAMMED, RAKIYA SHUAIBU

Chief Information Security Officer ( CISO) Central Bank of Nigeria , Abuja

Presented By:

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

1Opening

Shot

Agenda

Agenda

5

6

7

8 PARTING SHOT

CALL FOR ACTION

FINANCIAL SECTOR STRATEGY

NATIONAL STRATEGY5

6

7

8

1

2

3

4 KNOW YOURSELF

EVOLVING THREAT

KNOW YOUR ENEMY

LET’S GET STARTED1

2

3

4

4KNOW

YOURSELF

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

Agenda4

KNOW

YOURSELF

Let’s

Get

Started

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”

SUN TZU

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

Agenda4

KNOW

YOURSELF

Let’s

Get

Started

• Regional Integration

• Diversification

• Financial Inclusion

• Population

• Infrastructure

23.13%Unemployment

2.01%GDP Growth

2.7%Employment

Growth

3XIncrease in

Electronic

Payments in the

Last 5 Years

62%Financial

Inclusion

38mRegistered

BVN Users

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

Agenda4

KNOW

YOURSELF

Let’s

Get

Started

• Interconnection

• Emerging

Technologies

• Knowledge

• Data

88%Companies

do not have

proper

access

controls

46%Websites

have high

security

vulnerabilities

95%African

Companies

not prepared

for attack

80%Organisations

to migrate to

the Cloud

2025

175Zettabyte of

Data by 2025

75BnIoT Devices

by 2025

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

1Opening

Shot

Know

Your

Enemy4

KNOW

YOURSELF

Agenda

Weaponization

of IoTs

Cyber Extortion

- Ransomware

Zero-day

Threat/

Vulnerabilities

Insider Threat

3rd Party Risk

Social

Engineering

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

1Opening

Shot

Evolving

Threat4

KNOW

YOURSELF

Agenda

Artificial Intelligence

Attack

Know your Asset

Know your stakeholders

Know your Adversaries

Know your capacity to

Prevent , Detect

Respond & Recover

2Know your

Enemy

3Evolving

Threat

Agenda 5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

1Opening

Shot

Know

YourselfAgenda

NITDA

Regulations on

Data, Cloud

SGF Standards /

Guidelines for ISMS

Anti graft

agencies of

Government

2Know your

Enemy

3Evolving

Threat

Agenda 6Financial

Sector

Strategy

7Call for

Action

8Parting

Shot

1Opening

Shot

National

Strategy4

KNOW

YOURSELF

Agenda

Cyber Security Act 2015 %National Cyber Strategy National Data RegulationNational CERT

CBN Cybersecurity framework for all Deposit Money Banks and Payment Services Providers

Committee of CISOs for the Nigeria FI has been established

Reporting Portal where CISO’s Share Information

National Electronic Fraud Forum

2Know your

Enemy

3Evolving

Threat

Agenda5National

Strategy

7Call for

Action

8Parting

Shot

1Opening

Shot

Financial

Sector

Strategy

4KNOW

YOURSELF

Agenda

IT Standard Council

Risk Sharing Centre

Awareness / User

Education

Cyber Army Training &

Retention

Situational Awareness

Background Checks,

People• Policies / Procedures

• Incident and ChangeManagement

• IT Business Continuity & Disaster

Recovery Testing

• ulnerability Management

• Cyber Drills• Information Sharing/collaboration

with other Organisations

Processes

• Traditional signature based

Security (firewalls, Anti-virus

etc.)

• Behaviour normalization

• Event correlation

• Forensics

• Internal and External Threat

Intelligence• Sandboxing

• Threat Hunting

• Data Loss Prevention

• Encryption• Multi Factor Authentication

Technology

2Know your

Enemy

3Evolving

Threat

Agenda5National

Strategy

6Financial

Sector

Strategy

8Parting

Shot

1Opening

Shot

Call

For

Action

4KNOW

YOURSELF

Agenda

• Capacity Development

• Information

Sharing/collaboration

• African Regional CERT

2Know your

Enemy

3Evolving

Threat

Agenda5National

Strategy

6Financial

Sector

Strategy

8Parting

Shot

1Opening

Shot

Call

For

Action

4KNOW

YOURSELF

Agenda

• Innovation

• Cyber Industry

• ITU Global Cybersecurity

Index

2Know your

Enemy

3Evolving

Threat

Agenda5National

Strategy

6Financial

Sector

Strategy

8Parting

Shot

1Opening

Shot

Call

For

Action

4KNOW

YOURSELF

Agenda

2Know your

Enemy

3Evolving

Threat

Agenda5National

Strategy

6Financial

Sector

Strategy

7Call for

Action

1Opening

Shot

Parting

Shot4

KNOW

YOURSELF

Agenda

“Every company has been or will be impacted by cyber risk. It is not over-hyped. If anything, it is underappreciated because the threats are

Not always well understood.”Emy DonovanGlobal Head of Cyber at AGCS

Thank you