The Next
Cyber risk management is not just technical but a
business issue because, where cyber-attack occurs in
an organisation that is least prepared, the
consequences could cause financial, reputational,
intellectual property loss and lost value of customer
relationship . Consequently, businesses in the
African ecosystem should strengthen their cyber
resiliency by building systems and operations
designed to prevent and detect threats.
Furthermore, organisations should maintain good
cyber hygiene by implementing the following
principles recently released by the Software
Engineering Institute (SEI) to reiterate the above ;
1. Identify and prioritise key organisational
services, products and, their supporting assets.
2. Identify, prioritise, and respond to risks to the
organisation’s key services and products
3. Create an incident response plan
4. Conduct cybersecurity education and
awareness exercises
5. Establish network security and monitoring
6. Control access based on least privilege and
maintain user access accounts
7. Manage technology changes and use
standardised and approved secure
configurations
8. Utilise controls to protect and recover data
9. Forestall and monitor malware exposures
10. Manage cyber risks associated with suppliers
and external dependencies
11. Conduct cyber threat and vulnerability
monitoring and remediation
It is imperative to note that the above cyber hygiene
principles are mere foundational footsteps that can
be taken in managing cyber risk. Organisations in
Africa must be open to changes and improvements
in their cyber risk management routine.
Motunrayo Akinyemi, LLB (Law with Criminology), B.L.
Lagos, Nigeria