We need to mitigate cyber risks ― SEC DG –

Recognizing the fact that cyber risks pose a significant threat to market confidence, integrity and efficiency, underline the need for robust strategies to mitigate such risks.

Mr. Lamido Yuguda, Director General of the Securities and Exchange Commission (SEC), recently told the Central Securities Clearing System Cyber ​​Securities Conference that the importance of cybersecurity for the financial sector needs to be emphasized, as people’s hard-earned earnings and other financial instruments are preserved and invested in it.

According to him, “In the Nigerian capital market, we are clearly taking the issue of cyber security very seriously given the increasing volume of data and information stored electronically coupled with the increasing adoption of digitization and digital options in the day-to-day processing of market transactions.

“Today, more of our market activity is conducted through the use of technology than ever before. While this has significantly increased efficiency levels, it also exposes our markets to a new set of risks, including network security risks.

The Director-General said that the experience of the Covid-19 pandemic required the activation of business continuity plans through remote operations, further increasing the speed of technology adoption by stakeholders and highlighting the urgent need to protect our systems from existing and potential threats that exist in cyberspace.

Cyberattacks on financial institutions are often aimed at obtaining sensitive and confidential information for illicit financial gain, Yuguda said. As financial institutions become more interconnected, a cyber attack from one location or entity can have system-wide impacts, compromising the functionality and security of multiple economic sectors.

It is in this regard that he stressed that the Securities and Exchange Commission (SEC) appreciates the efforts of the Federal Government of Nigeria, through the Office of the National Security Advisor, in formulating the National Cyber ​​Security Policy and Strategy for 2021.

“The policy focuses on achieving its objectives by strengthening cybersecurity governance and coordination; protecting critical national information infrastructure; strengthening cybersecurity incident management; strengthening the legal and regulatory framework; enhancing cyber defense capabilities; promoting a thriving digital economy; strengthening international cooperation, etc.

“In November 2021, the capital markets community received an update at a seminar for capital markets hosted by the Office of the National Security Advisor (NSA), and the Capital Markets Hold a meeting.

“The International Organization of Securities Commissions (IOSCO), of which Nigeria is a full member, has also done a great deal to make its members aware of the growing risks in cybersecurity. The IOSCO Board of Directors, through its ‘Cyber ​​Resilience Guidelines for Financial Market Infrastructures’ report provides provides guidance, pointing out various programs or measures that industry stakeholders can take to ensure cybersecurity.

“It encourages regulated entities to adopt practices appropriate to their unique functions. Nonetheless, it notes that these should include identification of critical assets, protections and controls to enhance security, detection of anomalous activity or patterns, Response plan and recovery plan to resume operations”.

He revealed that the Nigerian Securities and Exchange Commission is developing a policy and regulatory response to emerging cyber risks in the rules and regulations for capital market activities and products utilizing technology, as well as minimum operating standards for capital market operators, which clearly stipulates that cybersecurity has made.

He stated, “Due to the importance of data protection, the Federal Government established the Nigerian Data Protection Bureau (NDPB) in February 2022. The NDPB issued a Compliance Notice introducing the National Data Protection Adequacy Program (NaDPAP), Guaranteeing the right to privacy of every Nigerian citizen.This is one of the NDPB’s collective efforts to raise awareness of the obligations of data controllers/processors under the 2019 NDPR.

“Therefore, awareness and action at the national level should drive all sectors of the economy to protect themselves from cyber threats by ensuring careful compliance with industry standards or national policies”.

In further recognition of the role technology will continue to play in the market, the Director-General revealed that the Commission will issue guidance on minimum operating standards for information technology for capital market operators (CMOs). The guide will cover important areas such as computing environments, information technology/information systems management and governance, IT business continuity and disaster recovery. “

Through these guidelines, he assured, the Commission will encourage the development of information security and cybersecurity policies to form part of corporate IT policies for capital market intermediaries, platforms and other financial market infrastructure.

“Within the guidelines, we expect stakeholders to conduct regular penetration testing at least annually to detect vulnerabilities and check the resilience of their networks and systems against threats and malicious activity.

“Cybersecurity is a key issue for the financial sector and capital markets have a responsibility to ensure the necessary safety net is provided for investors and stakeholders”.

As a result, Yuguda said CSCS has come a long way and is now the backbone of the market because it is a critical, technology-driven market infrastructure that is not only fit but well placed to organize discussions around cybersecurity.

read also nigerian tribune

(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s);
js.id = id;
js.src = “//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5”;
fjs.parentNode.insertBefore(js, fjs);
}(document, ‘script’, ‘facebook-jssdk’));

Leave a Reply

Your email address will not be published. Required fields are marked *