With cyberattacks on the rise, organizations across the globe are contending with loss of reputation, loss of customers, potential financial liabilities, regulatory notification requirements and sometimes, litigation. To address this menace, however, Tardigrade, a Nollysoft’s Enterprise Risk Assessment (ERA) solution, has been identified by experts as a veritable roadmap that would provide a better understanding of the cybersecurity space and a good grasp of the internal control mechanisms to organizations towards cyber threats.
The greatest war that countries in the 21st Century currently face and which they must prepare to win headlong to actively participate in the global economy largely driven by the Internet is cyber warfare. As such, the need for organisations to deploy a security solution that helps to iidentify factors contributing to and determining the organisation’s overall cyber risk; assess the organisation’s cybersecurity preparedness; evaluate whether the organisation’s cybersecurity preparedness is aligned with its risks; determine risk management practices and controls that are needed or need enhancement and actions to be taken to achieve the desired state and offers informed risk management strategies to organisations cannot be under-estimated. Indeed, local and regional authorities, professional IT associations and various reports home and abroad have raised the sentiments around the danger posed by cyber threats and the need for each
organisation to get its IT infrastructure weaponised through effective internal controls and security solutions.
Rising wave of concerns
For instance, the telecoms industry regulator in Nigeria, the Nigerian Communications Commission, has noted that cybersecurity has become an essential component of the human activity. This was the position of the Executive Vice Chairman of the Commission, Prof. Umar Danbatta, at a cybersecurity forum in Lagos,where he noted that cyber attacks’ high level of complexity requires action at different levels (both virtual and physical) and by different actors, including governments, private sector, civil society, intergovernmental organisations, among others.
According to him, the current scale and growth of ICT applications transcend all spheres of social and economic boundaries worldwide.
“Whether it is broadcasting (digital TV) or social networking, e-Commerce (mobile banking and financial services), e-Governance (government services management, e- education, e-health, e-taxation, e-commerce), governments, institutions and the society, in general, are increasingly embracing these technologies and at the same time becoming exposed to vulnerabilities of cyber-attacks,” he said.
He, therefore, strongly advocated that technical measures such as the Nollysoft’s Enterprise Risk Assessment (ERA) solution and appropriate legal instruments must be put in place to enhance the resilience of cybersecurity infrastructure and safeguard cyber technologies users.In the same vein, Secretary-General of the Commonwealth Telecommunications Organisation (CTO), Mr. Shola Taylor, has also raised serious concerns about the dangers of cyber attacks and the need for a synergy by stakeholders to mitigate and, if possible, prevent their potential risks on organizations IT infrastructure.
According to Taylor,
“Cyberspace contributes significantly to achieving countries’ national development goals, and so international organisations, national security services, operators, intelligence and data protection agencies, as well as citizens all have a role to play in makingcyberspace safer and more resilient,” he said, while sharing the CTO’s experience in developing national cybersecurity strategies for Commonwealth member countries as well as other countries, including Senegal last year. Potential risks, exposures and losses
In Nigeria, over N127 billion is lost annually by mostly business organizations and ministries, departments and agencies (MDAs) of government, translating to 0.08 per cent loss in the country’s annual Gross Domestic Product (GDP), according to the country’s Minister of Communications, Adebayo Shittu.
Also, 62 per cent of firms are being attacked weekly, according to a 2017 International Data Corporation (IDC) InfoBriefsponsored by Splunk. In the report, it was noted that with malware becoming more advanced with encrypted ransomware, the security breach impacts organizations may include loss of reputation, loss of customers, potential financial liabilities, regulatory notification requirements and sometimes litigation instigated by victim customers. President, Cyber Secure Conference organized by the Cyber Security Experts Association of Nigeria (CSEAN), Mr. RemiAfon quoted another statistics, which puts the cost of cyber-crime globally at $700 billion per year.He said the loss is projected to rise to about $2 trillion by 2019, due to the rapid digitization of consumer lives and company records. Breaches like these have steadily been on the rise as according to reports, the number of incidents has increased by more 38 percent annually since 2015. According to U.S. State of Cybercrime survey, Ponemon Institute, and Juniper research, cybersecurity events and costs are increasing, data breaches are expected to reach $2.1 trillion globally by 2019. Thus, Afon argues that there is a need for Nigeria to implement the National Cyber Security Strategy and Policy and ensure effective implementation of the Cybercrime Act 2015 as well making organizations embrace the newest solution. One of such security solutions ready to tackle cyber attacks on organizations in the country is Tardigrade, a Nollysoft’s Enterprise Risk.
In Nigeria, over N127 billion is lost annually by mostly business organizations and ministries, departments and agencies (MDAs) of government, translating to 0.08 percent loss in the country’s annual Gross Domestic Product (GDP).
Assessment (ERA) solution.
This is instructive as industry experts have said organizations in Nigeria are in dire need of cyber experts that could help secure the cyberspace and one of the ways to boost protection is to embrace and deploy innovative solutions offered by security company/experts. Tardigrade – an Enterprise Risk Assessment (ERA) solution to the rescue In the industry today, Tardigrade, an Enterprise Risk Assessment (ERA) solution, introduced into Nigeria by Nollysoft, towers among other Risk assessment solutions present robust impact assessments and strategic security solutions to organisation by helping them to have in place processes that ensure they understand their gaps and state of preparedness to respond to cyber breaches. Senior Management and Board of organizations are often faced with the following key concerns among several: How protected is their organization from internal and external threats, is the organization a direct target for attacks, who is accountable for assessing and managing the risks posed by changes to the business strategy or technology? Others are how effective is their system of internal control and being applied? how do they compare to competitions and how do we compare with our peers in the industry? Tardigrade solution effectively addresses these concerns. According to industry experts, organizations need a good handle on the cyber threats and risks their organization may face. They also need to have a grasp of whether their system of internal control is effective, or basically, need to implement specific security controls from standards such NIST 800-53 or ISO 27001. The Tardigrade assessment solution helps organizations to understand their cybersecurity and internal control risks so that they can implement appropriate mitigation controls to achieve a desired state of preparedness.
“Tardigrade Cybersecurity Assessment helps organizations identify their risks and determine their cybersecurity preparedness. The assessment solution provides businesses with repeatable and measurable processes to inform senior management of their organizations’ cybersecurity preparedness over time,” said Sola Koleowo, Chief Executive Officer of Nollysoft Limited on behalf of the company.
The ERA solution, Koleowo, said is based on best practice frameworks set by Federal Financial Institution Examination Council (FFIEC), Information Technology Examination Handbook (ITEH), National Institute of Standards and Technology (NIST), Cybersecurity Framework (CF)and International Standard Organisation (ISO 27001) and regulatory guidance. According to him, the Tardigrade Internal Control solution enables organizations to understand deficiencies in their system of internal control to allow the creation of effective mitigating control to help achieve business objectives. It is based on industry standard and best practices framework – Committee of Sponsoring Organisations of the Treadway Commission (COSO). On the security requirement traceability matrix, Koleowo said, “Tardigrade Security Requirement Traceability Matrix solution allows organisations to effectively select security controls from standards and regulations for implementation either as a part of a Secure Software Development Lifecycle (SSDLC) or regulatory mandate,” stressing that the solution currently supports 2 industry standards: NIST 800-53 R4 and ISO 27001-2013, and two regulations: Sarbanes-Oxley (SOX) and Monetary Association of Singapore (MAS).
The Tardigrade assessment solution helps organizations to understand their cybersecurity and internal control risks so that they can implement appropriate mitigation controls to achieve a desired state of preparedness.
The total cost of ownership (TCO) of the Tardigrade solution is low. No CAPEX needed to acquire the solution. It is a Cloud-based solution and being offered as a service.
Leveraging innovative enterprise risk assessment solution such as Tardigrade by organizations from private to public sectors of the economy will not only guarantee effective protection for user organizations but also help curb losses to the national economy. This is just as industry analysts say the arrival of Tardigrade will raise the bar of organizations’ protection against potential cyber threats and associated losses. You can use these quotes in between the article
Over N127 billion is lost annually in Nigeria by most business organizations and ministries, departments and agencies (MDAs) of government, translating to 0.08 percent loss in the `country’s annual Gross Domestic Product (GDP). Also, 62 percent of firms are being attacked weekly, according to a 2017International Data Corporation (IDC) InfoBrief sponsored by Splunk The security breach impacts on organizations may include loss of reputation, loss of customers, potential financial liabilities, regulatory notification requirements and sometimes litigation instigated by victim customers. The Tardigrade assessment solution helps organizations to understand their cybersecurity and internal control risks so that they can implement appropriate mitigation controls to achieve a desired state of preparedness.