Know The Basics of Web Security and Ethical Ways of Hacking, Security Expert Tells Microfinance Banks
Chert Systems Solutions, a provider of digital security technologies, on Tuesday urged major microfinance banks in the country to understand the basics of web security and the ethical ways of hacking.
The Chief Executive Officer of Chert Systems Solution, Mr Akin Ande, said that there was need for microfinance banks to get some insightful knowledge of cyber security and its importance.
According to a statement made available to newsmen in Lagos, Ande urges microfinance banks to understand the vulnerabilities their assets faced and try to proffer solutions with what is available to them.
“Chert Systems Solutions recently organised a security workshop for microfinance banks on how to tackle vulnerabilities faced by their assets if not protected and also enlighten them on the latest updates and trends in cyber security.
“They were equally educated on the right knowledge to have concerning the right security outfit or consultant to choose for protecting their assets.
“Most of the security issues start from Information Technology infrastructure and how they can be exploited.
“To have a good understanding of IT infrastructure itself is a very good starting point for security, “Ande said.
Also the Chief Technology Officer of Chert, Mr Feyi Ogunkunle, who spoke on “Application on Security Landscape’’, urged banks to use measures and counter measures to tackle threats and vulnerabilities that arose in the development stage of an application.
“In Nigeria of today, we have things not being tidied when it comes to application. Hence, the need for some of these techniques which include input parameter validation, session management, user authentication and authorisation,’’ he said.
A Cybersecurity Consultant, Adedolapo Olayinka, who spoke on “Exploiting Web Application Vulnerability’’, said that web application security is a means of protecting an application from malicious attack and other risks which is necessary to provide data availability, confidentiality and integrity.
He further spoke on the black, white and grey hats, types of hackers, the novice, intermediate and professional levels of hackers and the three processes of attack scenarios.
Mr Taiwo Olusola, Head of IT, Parallex Microfinance Bank Ltd., said that it was obvious that IT should be separated from security and security also be separated from corporate governance policies.
According to him, the workshop has made it open for them to understand that responsibilities should be handled individually and should not be bundled together.
Mr Charles Igbah, IT Manager, Alpha Beta Consulting, said the seminar had opened his eyes to the fact that antivirus could be manipulated.
“It is obvious that no matter what one spends on antivirus does not serve as a guarantee as even though one has a complete patch; one can still be hacked,’’ he said.
Mr Nathaniel Omoragbon, a Team Lead Application Development at LAPO Microfinance Bank, said that if every organisation implements the approaches, mitigations that were presented by Chert, and organisations, would have a fairly -secured environment to work in.
“This is a very good idea from Chert; getting the attention and focus of organisations; as most of us in the world of IT do things that we think we know but to everything, there is a best practice.
“For one to achieve that best practice, one will have to first test himself to know if what you are doing is in line with best practice.
“Security is key; security is big business all over the world. It is a big business because data is important to every organisation, especially to organisations that have transactions,’’ he said.
It was gathered that Chert Group which has been in existence 10 years ago consists of five companies, 2 cybersecurity companies; 2 IT platforms and 1 IOT.
In relation to their IT infrastructure, they have sold over 50,000 IT products which put them in a very strong position, in relation to what they do in the cyber-world.