How to tame monstrous challenges of cyber security threats in today’s financial services sector – Polaris Bank MD, Adekunle Sonola
The Managing Director/Chief Executive Officer of Polaris Bank Limited, Mr. Adekunle Sonola has said the banking industry in Nigeria and indeed the world is faced with a common challenge of cyber security threats and tackling it headlong requires the cooperation of all and sundry.
Sonola revealed this on Thursday in Lagos in his keynote address at the 54th Quarterly General Meeting of the Association of Chief Audit Executives of Banks in Nigeria (ACAEBIN), hosted by Polaris Bank.
The theme of the meeting was: “Cybersecurity threats and the challenges of building a sustainable financial sector: The way forward.”
The MD/CEO noted that Chief Audit Executives are strategic in curbing and checkmating the activities of fraudsters who are daily expanding the scope of their nefarious activities.
“The Chief Audit Executives (CAEs) sit at a vantage position with oversight and assurance functions on IT, Information system security, Internal Control and other areas of the organization. It is therefore important for CAEs to continually evolve, learn, unlearn and relearn to meet the demand imposed by the adoption of technology for the overall protection of their organizations if they really want to remain relevant in the scheme of things.
“Hackers and cyber criminals aren’t slowing down and so, Chief Audit Executives need to take a pragmatic approach to cyber security issues working with other relevant stakeholders.
“With the increase in frequency and sophistication of cyber-attacks, the task of building a sustainable and resilient financial institution is becoming more challenging. From the high cost associated with maintaining an efficient cyber security program to the issue around attraction and retaining skilled technical resources, managers in financial services industry face hard choices.”
Sharing statics from Cybersecurity Ventures to underscore the importance attached to cyber risks and the need for a holistic approach to handling them, Sonola said:
“The imperative to protect the increasing digitized businesses, Internet of Things (IoT) devices, and consumers from cybercrime will propel global spending on cybersecurity products and services to an estimated $1.75 trillion cumulatively for the five-year period from 2021 to 2025, up from $1 trillion cumulatively from 2017 to 2021.
“Global cybercrime costs are expected to grow by 15 percent per year over the next five years, reaching $10.5 trillion by 2025, up from $3 trillion in 2015.
“An amount of $20billion representing cyber security damages was attributed to ransomware in 2021, which is about 62X more than the $325 million reported in 2015.
“Over an eight-year period tracked, the number of unfilled cybersecurity jobs grew by 350 percent, from 1 million positions in 2013 to 3.5 million in 2021.
Sonola who was represented by Segun Opeke, Executive Director, Lagos Business said having recognized cyber security as not just a threat but a pandemic, said to curtail it, continuous investments in human capital is key.
According to him, there is urgent need to develop effective human capital management system to forestall cyber risks and ensure greater safety of the internet banking space.
He said the human factor is a major factor in addressing challenges of cyber-security and all stakeholders must pay attention to recruiting and managing reliable human capital.
The Polaris Bank boss noted that at the top of the cyber threats that the financial services industry is facing is human capital issue as people are responsible for both the threats and security of the system.
“If we talk about phishing attacks, people are the delivery medium. If we focus on malware, people are largely the execution factor, if we talk about weaknesses in systems configurations that allow an attacker to succeed in compromising systems, people are responsible for maintenance of such systems. If we take a look at insider related frauds and irregularities, we will see that people are at the centre of them all.
“The people factor remains a formidable threat agent for the survivor of any organization and its cyber resiliency. An emerging issue around people is the current high rate of staff attrition occasion mainly by “japa” syndrome and the attendant difficulty in resourcing to fill human capital vacancies,” Sonola said.
He also pointed out that the third party risk has also been amplified by open banking with increasing interconnectivity in the financial services sector and the growing global concept of open banking, making banks and other financial institutions increasingly susceptible to cyber risks
“Financial services currently rely heavily on the use of APIs to facilitate business-to-business connectivity. No matter how well protected an organization is, if a third party is weak, collectively the entire financial services industry will be weak because a chain is as strong as its weakest link,” Sonola said.
He added that technology and innovation are also a major risk factor for the financial services industry as the same cutting edge technologies such as artificial intelligence and robotics that are available to run businesses are also available to hackers and fraudsters who are using them against organizations.
Meanwhile, the Chairman Association of Chief Audit Executives of Banks in Nigeria (ACAEBIN), Mr Felix Igbinosa in his welcome address appreciated the Polaris Bank boss and management for their support and particularly for being a fantastic host of the Association’s 54th Quarterly General Meeting. He said the Association will continue to seek ways of enhancing the existing relationships through constant engagement and collaboration with all stakeholders.
He commended all stakeholders and regulators for all their efforts at regulating and improving the banking space for the overall good of the economy.
In their various presentations at the meeting; Mrs Rashida Monguno, Director, Consumer Protection Department, Central Bank of Nigeria (CBN) and Ladi Asuni, Partner, KPMG Nigeria urged the Chief Audit Executives to maintain broad-based perception to issues as they happen in their respective banks. They explained that while CAEs have the germane responsibilities of protecting their banks’ interests, however, that of the customers should not be jeopardized or compromised.