JPMorgan in their 2012 Online Fraud Report estimated that $3.5B was lost to online frauds. Another research from Juniper Research estimated online frauds to rise to $25.6 billion by 2020 meaning at this time, $4 in every $1,000 of online payments will be fraudulent. (Yeah, scream with me)

Year 2016 was niggling for many corporate organizations with many of them falling victims of cyber-attacks and making headlines over report of major breaches. Cyber attackers are not stopping the fun in the year 2017 as a lot of data breaches and digital break-ins have been reported this year already. Amongst this attacks is the famous WannaCry attack (A digital extortion) that crippled hundreds of thousand computers worldwide and also caused predictable stock market euphoria.

There is no doubt that cyber-attack as a business will continue to grow as attackers continue to try to take advantage of numerous porosity in the cyberspace and Nigeria as a country is not left behind, in fact the level of porosity on this side might be higher because of so many reasons which includes an obvious lackluster attitudes displayed by most citizens to cyber security etc.

It is reported by Cyber Security Experts Association of Nigeria (CSEAN) that Nigeria is currently vulnerable to cyber-attacks, well so do almost all other countries (so that’s old news) but what are the measurements put in place to counter cyber-attack efforts by the Federal Government of Nigeria?

Few months ago, The Senate reports a $450 million loss to 3500 cyber-attacks on its ICT space and we have not even started, it is most definitely going to get worst as technology advances. Every advancement in technology opens fresh space for vulnerabilities.

Despite all this revelations and occurrences, more than 80% of organizations and agencies in Nigeria don’t even believe there is any need for security implementation and extra commitment yet since they are yet to suffer a major cyber-attack (typical Nigeria mentality right?). It is worth noting that some companies didn't take digital security seriously enough to patch known vulnerabilities in Windows software and that is what opened door to the famous WannaCry Ransomware.

What does this translate to for businesses opened to cyber-attacks? It is time to take Cyber Security at neck deep seriousness. It has become abundantly clear that no network is completely safe, once where companies thought they could defend themselves against an onslaught, they’re now realizing that resistance is, if not futile, certainly less important than having a plan in place to detect and neutralize intruders when they strike as many businesses most likely do not have any formal cyber security incident response plan across their organizations.

Rather than understate the risk of a cyber-attack, businesses must “accept the reality” that they will be breached and to plan for this inevitability, companies must identify their most important information and where this data resides. They must then monitor access to this data across networks, systems and endpoint devices. Risks are not just within the walls of the organization anymore, inter-dependencies with other businesses and third parties across the business ecosystem also breed risks. Humans poor process implementation or social engineering is also a thing, Humans are curious creatures and, in a big organization, there will always be an employee who clicks on a booby-trapped link or attachment(phishing) - perhaps in an email that appears to be from a boss or someone that steals an employee’s log-in credentials and gets access to the company network.

No longer can organizations understate their risk of cyber-attacks. Denying the widespread thinking that bad things happen only to other companies merely postpones the inevitable. But fully accepting the repercussions of a cyber-attack is a great motivator for businesses to take action before it’s too late.