The COVID-19 pandemic led to a global shut down of economic activities. As a coping mechanism for the world, it necessitated a paradigm shift of activities from physical to virtual as education took to online learning and work became generally remote. Due to this switch, its effect on the IT teams were intense because they were the key enablers of this transition. However, with the maximizing of the cyber space came its attendant negative consequences because cyber-attacks became more prevalent especially within our country Nigeria.

In a recent survey; “The IT Security Team: 2021 and Beyond” carried out by Sophos group, a British security software and hardware company, it revealed that Nigeria had 60% increase in cyber-attacks. Notable examples are during the ENDSARS protest, a number of government agencies had their websites including that of the Central bank hacked. For a country with 104.4 million internet users, it has indeed become timely that awareness on cyber security is prioritized as its effect on government and society and consequently the national economy is enormous.

According to Wikipedia, cyber security is the protection of computer systems and networks from information disclosure, theft or a damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide. Simply put, the protection from cyber-attacks. These cyber-attacks are multifarious ranging from ransomware, malware, spyware, phishing, smishing, spamming, denial of service attacks etc.

These cyber-attacks pose deleterious effects at the government, societal, business and individual levels. At the societal level, it could lead to breach of national security secrets, classified information, theft of sensitive data like medical and educational/research records. At the business level, such attacks jeopardize the reputation, leads to law fines and suites and decreases confidence level by customers and clients. For individuals, it could lead to identity fraud, financial fraud, leak of sensitive personal information for undue exploitation.

To effectively mitigate these cyber-attacks, proper consideration should be taken into the three core elements of cyber security being the people, technology and policies. It has been observed that the people (employees and administrators) are the weakest link. More awareness should be created on cyber security by training and retraining workers in organizations, vulnerability assessments and visibility should be carried out on their network systems to detect loopholes for cyber-attacks and secure the network. Zero trust security models and safe password policies should be adopted. There should also be a database of verified applications, the internet should be monitored to blacklist fraudulent and fake new sites. End users and employees should be taught safe computing, how to browse the web safely, use email securely, use network marketing and cloud services securely and also expose them often to phlishing and smishing tests to increase their vigilance and preparedness to handle such cyber-attacks. There also should be as much focus on secure coding as given to functional coding by software developers.

With the huge proliferation of businesses, public and private institutions into the cyber space, it is only expected that adequate measures be put in place to have them adequately secured.

The COVID-19 pandemic led to a global shut down of economic activities. As a coping mechanism for the world, it necessitated a paradigm shift of activities from physical to virtual as education took to online learning and work became generally remote. Due to this switch, its effect on the IT teams were intense because they were the key enablers of this transition. However, with the maximizing of the cyber space came its attendant negative consequences because cyber-attacks became more prevalent especially within our country Nigeria.

In a recent survey; “The IT Security Team: 2021 and Beyond” carried out by Sophos group, a British security software and hardware company, it revealed that Nigeria had 60% increase in cyber-attacks. Notable examples are during the ENDSARS protest, a number of government agencies had their websites including that of the Central bank hacked. For a country with 104.4 million internet users, it has indeed become timely that awareness on cyber security is prioritized as its effect on government and society and consequently the national economy is enormous.

According to Wikipedia, cyber security is the protection of computer systems and networks from information disclosure, theft or a damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide. Simply put, the protection from cyber-attacks. These cyber-attacks are multifarious ranging from ransomware, malware, spyware, phishing, smishing, spamming, denial of service attacks etc.

These cyber-attacks pose deleterious effects at the government, societal, business and individual levels. At the societal level, it could lead to breach of national security secrets, classified information, theft of sensitive data like medical and educational/research records. At the business level, such attacks jeopardize the reputation, leads to law fines and suites and decreases confidence level by customers and clients. For individuals, it could lead to identity fraud, financial fraud, leak of sensitive personal information for undue exploitation.

To effectively mitigate these cyber-attacks, proper consideration should be taken into the three core elements of cyber security being the people, technology and policies. It has been observed that the people (employees and administrators) are the weakest link. More awareness should be created on cyber security by training and retraining workers in organizations, vulnerability assessments and visibility should be carried out on their network systems to detect loopholes for cyber-attacks and secure the network. Zero trust security models and safe password policies should be adopted. There should also be a database of verified applications, the internet should be monitored to blacklist fraudulent and fake new sites. End users and employees should be taught safe computing, how to browse the web safely, use email securely, use network marketing and cloud services securely and also expose them often to phlishing and smishing tests to increase their vigilance and preparedness to handle such cyber-attacks. There also should be as much focus on secure coding as given to functional coding by software developers.

With the huge proliferation of businesses, public and private institutions into the cyber space, it is only expected that adequate measures be put in place to have them adequately secured.