Privacy, security raise viability concerns on cloud services in Nigeria
• Experts want FG to create atmosphere for data sovereignty, residency
Cardinal issues of privacy and security are critical to data sovereignty and cloud service adoption in Nigeria, according to information and technology experts.
They asserted that although Nigeria is in the thick of a global shift towards cloud-based system, due to the increasing reliance on digital technology, there are still huge problems with it.
While stressing the need for localisation of data, they noted that cloud, just like every other technology, is vulnerable to attacks, as such, concerns about cybersecurity have made many businesses reluctant to adopt the system.
Speaking at the International Cyber Security and Cloud Conference, in Lagos, the Group Managing Director, Comercio Limited, organisers of the forum, Mrs. Aderonke Adeyegbe, said when a lay person thinks of cybersecurity, he tends to visualise the shadowy hacker, who wreaks havoc on computer networks from a remote location.
Adeyegbe said there are some state actors, who are deeply involved, adding that data sovereignty has become a big issue in recent years, and questions have been raised about the geo-political jurisdiction over data generated in one country and stored in facilities located in another.
According to her, in some cases, huge amounts of data have been obtained from citizens of certain countries by governments of other countries, without their permission.
“This is one more headache for the contemporary Nigerian business. Many countries have enacted laws aimed at preventing the transfer of data from their citizens to agents from other countries without their permission. Nigeria has provisions in some of its laws that touch on this issue, but it does not have a law that deals specifically with data sovereignty.
“Unfortunately, the commercial and public sectors struggle to deal with these challenges. They still lag behind much of the world in terms of the quality and coverage of IT infrastructure. IT services providers are helping to bring these sectors closer to global technology norms. But their efforts are hampered by deficits in human capital and physical infrastructure,” Adeyegbe stated.
Furthermore, she noted that there is a global shortage of cybersecurity experts, disclosing that The Centre for Strategic and International Studies, claimed that by 2022, there will be upwards of 1.8 million unfilled positions in cybersecurity across the world.
To her, this problem is pronounced in countries like Nigeria, where the education system hardly caters to this need, including many other IT-related fields such as software and hardware engineering.
She stressed that privacy and security concerns are the main barriers to the adoption of public cloud in Nigeria, while its vulnerability to attacks has increased the interest of cybercriminals.
She recalled that in 2016, Cybersecurity Ventures, an organisation researching the global cyber economy, projected that cybercrime could cost the world $6 trillion yearly by 2021.
“This figure is double the losses attributed to cybercrime in 2015. These losses are expected to come from the damage and destruction of data, stolen money, theft of intellectual property, personal information, and financial data, and attacks on business processes, just to mention a few,” she stated.
Speaking on, “The Cyber Threat Landscape and Cloud Legal Perspective,” the Managing Partner Technology Advisors LLP, Basil Udotai, noted that gaps in Nigeria cybersecurity laws have made it difficult to properly addressed important cybercrime issues.
According to him, it is not surprising that the country tends to get more information on hacking incidents abroad than in Nigeria, as there is no compulsion to disclose breaches in the entire ecosystem.
“My question is, who has ever been prosecuted or convicted for hacking in Nigeria? Our analysis shows that the reported breaches in Nigeria are all low end cases. This makes one wonder, are our networks here in Nigeria so impenetrable?
“The Nigeria electronic Fraud Forum (NeRF) report of 2017, stated that the total fraud volume was just placed at 19,431 that year. Who conducted these investigations, and were the defaulters arrested?
“But we tend to hear greater number of reported cases abroad. How come we do not have competent authority handling cybercrime and cybersecurity in Nigeria? It is disheartening that we keep managing cybercrime as if it is a profit and loss business. These are prospects and areas the Cybersecurity Act does not addressed,” Udotai argued.