Insider threat cost...
 
Notifications
Clear all

Insider threat costs Nigeria $194m

1 Posts
1 Users
0 Reactions
369 Views
Joined: 1 second ago
Posts: 0
Topic starter  

Insider threat from workers and management of organisations tops the cost of cybercrimes in Nigeria.

A total of $194 million, representing 30 per cent of the $649 million lost to cybercrime last year was from insider threat,  2017 Cyber Security Report released in Lagos has shown.

Titled: Demystifying the Africa Cyber Security Poverty Line, it was presented yesterday at  the 9th Annual Payment Systems Conference organised by E-payment Providers Association of Nigeria (E-PPAN).

The report also showed that over 90 per cent of  organisations in the country are operating below security line. This, the report finds is significantly exposing them to cyber security risks.

Read also: How to combat cybercrimes

In its second edition, the report is the brainchild of Kenya based Serianu Limited in partnership with the United States International University (USIU Africa) and Demadiur Systems Limited.

Presenting the report at the conference, which attracted mostly stakeholders from the financial industry and security agencies in Nigeria, the Project Manager at Demadiur Systems Limited, Mrs. Sylvia Ntia noted that attacks on computer systems (unathorised access malware) came second in terms of cost of cyber security activities with $130 million, representing 20 percent.

Other breakdowns of the losses, according to her indicated that while social engineering and identity theft cost $97million, representing 15 per cent, email spam and phishing cost the country $78million, representing 12 per cent.

Other activities include data exfitration, which is responsible for $65 million cost, representing 10 per cent. Online fraud scam and ramsomeware came bottom with $52million, representing eight per cent and $33million representing five per cent respectively.

The report recommended what it termed Top 10 cybersecurity priorities for 2019. They are database security, privileged user management, patch management, unstructured data management and endpoint security.

Others are employee security awareness, vendor/third party security, the board’s changing role, security architecture/engineering skill set and continuous monitoring.


   
Quote
Share: