As Internet penetrates, the world will continue to transition markets and businesses into the cyberspace from the meatspace. Consequently, individuals, firms and nations will do more transactions online. Online business and communication offer speed, efficiency and cost reduction.

Nonetheless, as cyber culture increases, governments, firms and individuals will be faced with digital terror, digital fraud, and intellectual property thefts, among others. The solution is not to decouple from the cyber community; rather, to develop a holistic strategy that will mitigate these threats.

During my days as a bank IT infrastructure administrator with certification in Cisco technologies, I noted some points on what firms and individuals can do to protect themselves. The following are updated suggestions on how to stay secure in a digitalizing world for the trio of governments, individuals and firms.

• Establish IT Security Policy

Many organizations do not have IT security policy. That creates vulnerabilities for them. Irrespective of your size, you must have a policy that ensures that your firm’s digital asset is well secured and protected with steps defined on how those will be done. Understand that your cyber threats are not just from the computers, those Smartphones are internet nodes and could destroy your firm’s competitiveness. As staff accesses more office data via these phones, you must have a policy to ensure that you have your data secured. There are many Wi-fi enabled devices today; those are potential threats if they can compromise your data. Even a GPS location system could harm your strategy if it can reveal to the whole world where your marketing directors are going. You must specify how those marketing team use those solutions.

• Train Your Staff

While you can have an IT Security Policy, that is not enough. Every firm must make sure that staff understands this policy and what they must do to keep the digital ware safe and secured. Do not assume anything. And this training must be continuous; as the digital threats evolve, you must update the knowledge of your staff. My business offers a good training program for companies.

• Make Your Staff Partners

This is perhaps the most important for financial institution. The most threats come from the staff or what they call internal customers. While you can have policies and tell them what they do, you must ensure that you have ethical and honest work teams that are dependable. It turns out that many IT security issues in financial institutions happen due to mistakes or involvements of staff.

• Under Industrial Espionage

Assume that in this ultra competitive world that your firm may be under attack. Understanding this means you must develop ways to curtail it. You must protect your trade secrets; otherwise your survivability can be compromised. Think through the ways you package your technology and how you relate with your customers if there are potential threats to trade secret. Also, assume that some other firms in other nations may want to steal from you. Be vigilant.

• Get Data off the Web

In the most critical instances, the most secured data are those which are not online. You can disconnect your very important servers online or dynamically in sequence change their network addresses. It is not all machines that have to be online. As a young graduate, I told a former university chancellor who was opening a tax business that one machine must be offline since he could not guarantee that it cannot be hacked. In the same way, build a network where you create a cushion between your most critical server and the web. In other words, have a redundant server between your critical data and the web so that any attack will first hit that redundant one.

• Backup

While the digital world makes life so cool, it could also destroy life. Have a backup strategy irrespective of the size of your business. Never assume that the computers will be working. And when you backup, use a protected storage device. I have come to like Flash Memory Keys that are password protected for individuals. For big firms, there are tapes which are developed for this that can store lots of data. For banks, they not only have to backup, they must move the backup away from their locations. In other words, when you backup in Victoria Island, you can store that backup in Ikeja (both in Lagos State, Nigeria). For big organizations, you may have to move to another state with a larger geographical spread.

This is important since if a natural disaster happens in Victoria Island, you can easily recover and continue operation in Ikeja. For the most critical institutions, you can do live off-site backing where data is sent live to an offsite that is in another state or even country. Again, that communication must be well secured.

Note that using Dropbox can be a very successful backup strategy. Backup has been simplified in this age.

• Use Bank Vaults

When I came to the United States from my home nation, I used bank vaults for all my important documents. As a student in the graduate student living area, I was not confident to leave my data there. That made sense since losing the items could be problematic. The same goes for some company IT backups, if you cannot store in a good secured place, use a bank vault, where available.

• Individuals, Move Tax Documents off Computers

Until I started working and could afford to upgrade my personal computers with good security software, I never stored any of my tax documents in my computer. In short, I do not now even though my computers are protected. I have this understanding that my small machine cannot keep up to date with hackers since they have more resources and I do not want shocks. What I do is this, as soon as I finish completing my tax documents online, I save the PDF document on my laptop. I do that after I have put my computer off the Internet. Quickly, I move the data to my flash key which is password protected and print a hardcopy. I then delete the file and reconnect to the web.

• Develop Your Security Tools

For big organizations with more major threats, it is not all security tools that can be bought. The more security tools diffuse, the more hackers or bad people try to compromise them. So, if all uses one security tool, the risk of breaking it is higher than the lesser used one. During my master’s programs (in Information Technology), I developed a simple metric to determining when to buy or build. The more market share a security software gets, the lesser points I assign it, as I assume that its risk profile correlates with market penetration. That is counter-intuitive, but it makes sense. My point is that lesser known solutions are not prime targets. If you lack ability to build, negotiate for a custom solution that will not be distributed to the mass market.

For military, I even imagine them getting a different kind of network since they have allowed us to use the present one. It makes no sense that Pentagon and Nigerian military command use the same net backbone I use in my house. They need different ways of getting into the web, the rest of the bad boys cannot understand. The same goes for how you store data on cellphones and other Apps. They are threats and you must follow up.

• Finally, UN-Backed Cyber-Weapon Non-Proliferation Treaty

We have the nuclear; yes, we need the cyber equivalent in this world. While nuclear bombs are dangerous and quick destroyers, cyber weapon can kill slowly a nation’s economy and long-time competitiveness. United Nations must step up and provide leadership to ensure our digital world is safe for next generation. In a piece, I noted: “our future wars will not be fought with machetes and guns, but by bits and bytes”. Yes, we can destroy our modern economy if cyber-wars escalate. And that is why we need non-proliferation treaty on cyber-weapon. When Elon Musk talks of AI World War, that is the higher end of that cyber-weapon, because the AI wars will be fought online. UN needs to lead here.

Amazon has moved into offline with the acquisition of Whole Foods. The ecommerce giant had noted the limit of ecommerce when it comes to grocery. With a physical store, Amazon can offer a better user experience to its customers than a business that relied solely on trucking grocery across cities.

Now Alibaba, the king of marketplace with focus on connecting buyers and sellers, is reportedly building a physical store. Alibaba does not typically own the inventory in its portal; it feeds on commissions from transactions executed on its platforms. This strategy of building a store is new and it is a big deal.

Alibaba, the operator of China’s largest online sales platform, is reportedly building its own mall as it seeks to enrich the real-world shopping experience with technology and convenience.

The five-story shopping center — which the company is calling “More Mall” — is located at Alibaba’s headquarters in the eastern Chinese city of Hangzhou.

The mall was built on a 40,000-square-meter plot of land and is scheduled to open in April, according to linkshop.com. Currently, construction crews are finishing up work on the building’s interior. —

Under the initiative, Alibaba is moving fast into offline spaces to help remake traditional retailing, including launching unmanned convenience store and bringing big data technology to 1 million mom-and-pop stores. Now, it’s building its first shopping center.

Walmart, the world’s largest retailer, has efficiently integrated its physical stores with its online operations. From Macy’s to Bestbuy, we are seeing companies capitalizing on their physical stores to deepen their competitive capabilities in the digital space. If that is the trend, I do think Jumia and Konga need to follow the bandwagon. Sure, they need to examine if that makes sense for them.

This is a way they can do this: build a store in each of Abuja, Lagos and Port Harcourt. The movers and shakers have said it:

“Alibaba believes the future of New Retail will be a harmonious integration of online and offline,” said Daniel Zhang, CEO of Alibaba Group, in a statement in July.

I will not call it New Retail; I will call it Hybrid-Commerce or h-commerce for short. Of course, someone might have used the same term. But that is the way I see it. I do think the interface of the meatspace and internet will help companies like Konga and Jumia compete in the Tier 1 cities in Nigeria. If the pioneers of the sector are moving to h-commerce, I do think they need to do so. This is the era of h-commerce. It is ON.

A hybrid commerce business is one that sells both online and offline. The primary purpose of the business is retailing. It will fuse the meatspace and the ecommerce drawing on technologies such as mobile commerce, electronic funds transfer, supply chain management, Internet marketing, online transaction processing, electronic data interchange (EDI), inventory management systems, and automated data collection systems.

Yes, it is a special type of crime and it is happening in Nigeria. According to the Nigerian Senate, Nigeria has lost about $450 million as a result of 3,500 cyber-related attacks on our information environment and cyberspace.

Senate yesterday stated that Nigeria has lost about $450million to 3, 500 cyber-attacks on its information and communication technology, ICT space, representing over 70 per cent of hacking attempts so far on the technology in the country.

The senate, which relied on revelations from studies to arrive at the amount, expressed worry that the government servers are currently under serious threat.

It lamented that the ICT shortfall in Nigeria is enormous, while its cyberspace is porous and that the system lacks a well-structured and effective approach to cyber-crime control, according to the oversight findings of the Senate Committee on ICT and Cybercrime.
The Senate therefore urged the National Security Adviser, Major General Mohammed Babagana Monguno (rtd) to alert all security agencies and financial institutions about the current and threatening dimensions of cyber-attacks in the country.

The problem is not that we have lost $450 million, but the very fact that we will keep losing money, as no one has taken this situation up with the urgency that it deserves. This is a war against Nigeria, and the government must understand this and act to secure our digital assets and economic infrastructures.

Cyberwar is not a war of choice. It will come to Nigeria even if the nation does not want it. Just as computer virus attacks computers, this warfare is waged at national level with consequences that can shut down a military control, financial systems, health informatics, and telecommunication networks. It is something that the nation cannot afford to waste time despite our failure to use technology or strong regulation to solve the embarrassment caused by the trivial Nigerian web fraudsters.

What is basically the threat of a cyberwar? It has been proven that people could remotely rewire networks logically and trigger avalanche of problems that can bring a nation’s economy to standstill. They plant logic bombs which on ‘explosion’ brings enormous damages to companies and private citizens. They could penetrate our oil installations, bank servers, electric grids, air-traffic controls, GSM networks, and military commands. We suddenly find out that nothing works in the land and all networks are broken.

This is perhaps the main drawback of computer networks- the ability to wage war through bits and bytes instead of the old fashioned way of firing bullets where the identities of the invaders are known. In cyberwar, the attackers could mask themselves and may even use your rigged networks to attack. It is also important to understand that the world ‘computer’ has since evolved. There are pills, watches, shoes, bags, cellphones that are indeed computers. And most systems are on networks with IPs assigned to them.

In the old warfare, people were trained to become spies or soldiers with enormous risks. But now, all they have to do is use a computer to launch their strikes to vulnerable nations. If we deny the severity of these threats, we will have ourselves to blame. It used to be copies of military notes; now, the digital spies could download an entire library of military strategy.

The cyberwar is real and it is already taking place in the world. The first Web War 1 was fought in Estonia where series of orchestrated attacks on Estonian digital infrastructure forced the government to decouple the nation from Internet. In other words, both government and business websites were brought down. That was followed in Georgia during its brief recent hostility with Russia. In that one, power systems and telecom infrastructures were affected.

It is important to understand that this is not an ICT problem. This is a serious engineering problem that requires the use of advanced mathematical models and analytics in digital offense and defense. It involves IT, electronics, policy and law.  For the cyber-battalion, a roadmap to design, develop and implement a national cybersecurity, cyberdefence and cyberwarfare command as cyber-battalion is critical. It will transform the nation with capability to survive the data wars of the 21st century with cyber experts that can use analytics to connect dots and identify security patterns via automated data changing in volume, variety and velocity.

What Nigeria Needs

The world has nuclear non- proliferation treaty, but none exists for cyberwar despite the potential economic and security dangers the latter poses to the world. Accordingly, many nations have started to deploy strategic commands to protect, defend and necessarily retaliate when their systems are attacked through cyber-means. The United States Pentagon has the Cyber Command inside the National Security Agency, the British has a similar unit inside the GCHQ. China, Iran, Russia, Israel, and many other nations have developed cyber-army to protect their economies. Nigeria needs to develop capabilities along these areas:

• Cyber Strategic Deterrence
• Cyber Decisive Response
• A Cyber Combat-Ready Force

And those capabilities must be homegrown and not importation of useless equipment that sees the problem from top-bottom. A homegrown plan is the only hope, as it will be adaptive and organic enough to adjust as the crime strategies evolve, without the constraints from foreign powers and technologies. That is why Nigeria has to invest in developing its cybersecurity sector. Our national IT strategy cannot be complete without a clear roadmap on how we can seed competent local companies in the cybersecurity domain that can help secure our assets.

For all the policies, the solution will come from technology because even if our people do not commit this crime, others can attack us. So, we need to be prepared for whatever, and have that capability through a NGCYBERCOM.

I make a case why Nigeria needs a military cybersecurity and cyberwarfare command (NGCYBERCOM). It will be a unit that drives our military strategy of proactive cyber defense and the use of cyberwarfare as a platform for attack where necessary. It will provide tools as the nation sees the global use of computers and the Internet to conduct warfare in cyberspace as a threat to national security.  Globally, Cyberspace technology is emerging as an “instrument of power” in societies, and is becoming more available to a country’s opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Nigeria needs to defend its largest state, the Internet, which has more Nigerians in population than either of Lagos or Kano. NYCYBERCOM will do it.

You may not have noticed it, but Wema Bank is getting younger. That is amazing for a decades-old Nigerian bank. A new report confirms what many of us have already noticed.

The 2016 Ciuci Consulting Annual Banking Report- What Nigerian Retail Customers Want shows a significant climb for Wema Bank in the perception ranking of the 18 to 24 age group, where they moved from 16th place in 2015 to 7th place. Wema Bank is succeeding in capturing the hearts of the youth as the report shows a strong attraction by this age group as their ranking with them is much higher than the bank’s overall perception ranking of 14th.

So a bank that was founded in 1945 is getting younger, jumping from 16th place to 7th, in one year, in the highly competitive Nigerian banking sector, on youthful perception by the Nigerian young people. That is very amazing. The bank’s management has a plan and they are executing through these means:

• Wema Bank ALAT mobile app: The app was well received in the market when they introduced it. They marketed and promoted it as “Nigeria’s first fully digital bank”, and they may not be far from the truth. With ALAT,  a customer can do all  his or her banking transactions without being physically present at a bank.Yet, this ranking took place before the launch of ALAT, so expect Wema to even go higher up in the 2017 ranking.
• Products for youth: We know that our young people do not have so much owing to unemployment problems, Wema Bank is working with that construct. The Wema Bank Purple Savings Account requires only just N1,000 with the account activation done via mobile banking. Simply, they want the youth and they have a product that the youth can afford.
• Partnerships: The bank is working with schools, secondary and tertiary schools, to deepen its presence. It is focusing on these young people and bringing them into the financial sector
• Digital Channel: Wema Bank understands that the young people are in the digital domain. The bank has increased its digital channels to make it easier for these younger customers to do banking.

Wema Bank has a lot of work ahead of it, but it is on the right track. Technology can quickly change the perception of a bank as people evaluate how it is helping them to accomplish things in their lives. Once customers notice that a bank has that strategy, they always respond. Wema Bank is a case study in Nigeria: customers are responding as the bank delivers solutions that meet their needs, and which they can afford.