Abstract image of a woman sitting on books and studying on a laptop

The Nigerian Cybersecurity Space-How Regulated Are We?

Download as PPTX, PDF
C
Chinatu Uzuegbu

The document discusses cybersecurity regulations in Nigeria. It begins by introducing the speaker, Chinatu Uzuegbu, and their background in cybersecurity. It then covers key concepts related to cybersecurity including the cybernetic elements that make up cyberspace, the CIA triad of confidentiality, integrity and availability that forms the philosophy of cybersecurity, and the importance of regulations and frameworks. The document reviews some international cybersecurity regulations and frameworks as well as those specific to Nigeria. It acknowledges that determining how well regulated Nigeria's sectors are would require collaboration across governing bodies and key industry players overseen by ONSA. It concludes that running effective cybersecurity regulations is achievable through applying the concept of a national cybersecurity alliance

Government & Nonprofit
1 of 17
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
The Nigerian Cybersecurity Space – How Regulated? Who Regulates? Starring: Chinatu Uzuegbu CCISO, CISSP, CISM, CISA, CEH, …… CyberSecurity Consultant RoseTech THE SENATE, FEDERAL REPUBLIC OF NIGERIA, Committee on ICT and Cybercrime event Theme: The Digital Theatre and the Future of Nigeria
Chinatu Uzuegbu ❖ Managing Cyber Security Consultant, RoseTech. ❖ Founding Past President, (ISC)2 Nigeria Chapter. ❖ Member, Global (ISC)2 Chapter Advisory Committee(CAC). ❖ Member, VigiTrust Advisory Board, Ireland. ❖ Mentor, Open Cyber Security Mentorship Program(OCMP), AfrHackton and Cyber in Africa Initiative. ❖ Global Ambassador, WomenTech Network ❖ Finalist, Top 50 Women in Cybersecurity, Africa, 2020 ❖ Alumni, London Graduate School in Collaboration with CommonWealth University- Dubai Leadership Summit. 2020 ❖ Alumni, University of Liverpool- MSc. Information Systems Management ❖ Alumni, University of Port Harcourt-BSc. Computer science & Maths. ❖ Over 15 years Wealth of experience in IT and 10 years in Information Security with FIs, Manufacturing and Computer Firms. ❖ Professionally:CCISO, CISSP, CISM, CISA, CEH and other related IT Certifications. ❖ Professional Membership: (ISC)2, ISACA, EC-COUNCIL, CSEAN. ❖ Participated and Attended both International and Local Conferences. ❖ Aside Profession, inclined to Learning New Things, Reading, Cooking and Adventures. ❖ Open to Cyber Security Related Services.
Preamble Cyber Cyber Security CyberSpace The Communication and Interoperable Handshakes of The Cybernetics with Pictorial illustration. Concept of the CIA Triad, the approach to securing The CyberSpace. Concept of The Cybernetics The CyberSpace of a Nation The Global National Security Alliance Perspective The Conceptual and Contextual Approach You can’t go wrong with GAP Analysis/Checklist Laws, Regulations, Frameworks and Governance International Regulations and Frameworks How Regulated is Nigeria across All Sectors and Industries? Seamless alignment with The Standards/Best Practices is the way to go! The SMART principle approach would help. Importance of Regulations and Frameworks Who Regulates in Nigeria? Key Players of the various Industries overseen by ONSA. Conclusion
Cyber The Concept of The Cybernetics ❖ Coined out from the word Cybernetics. ❖ Cybernetics is the study of Medical Science, Biological Science, Applied Science, Natural Science, Engineering, Electronic devices, Data, Information, Artificial Intelligence, Machine Learning , Infrastructures, Computers, Laptops, Technology, Communications, and other related systems with the aim of promoting good governance and Control around the inter-connectivity and interoperability of these elements- The Cybernetic Elements. ❖ Cybernetics is derived from the Greek word Kybernetes meaning a Person in Control, more like a Man on the Steering for a long drive.
CyberSpace
The CyberSpace of a Nation ONSA Parliament Commissioning Bodies Regulatory Bodies Contratual and standards •The Forces •Law Enforcement •All Public Sectors: •Education •Transportation •Health •Trades and Commerce •Immigration •National Population •National Communications •National Identity •Revenues •Postal Services •NITDA •ICT • Others EFCC NFIU CBN Others Governance of any firm outside the government Private Sector
Cyber Security The Concept of The CIA Triad ❖ The Process or act of protecting your Cybernetic Elements from Undue Disclosure, Modification and Destruction. ❖ The Process or act of protecting our Cybernetic Elements based on the acceptable level of Confidentiality, Integrity and Availability-The CIA Triad. ❖ The CIA Triad is generally seen as the philosophy of Cyber Security: ➢ Confidentiality- The act of protecting the Cybernetic elements from unauthorised Disclosure ➢ Integrity- The act of protecting the Cybernetic elements from unauthorised Modification. ➢ Availability- The act of protecting the Cybernetic Elements from unauthorised Destruction. The other side of the coin Modification
The Philosophy of Cyber Security The philosophy of Cyber Security can be categorised into three Layers: 1. The Focused or Objective Layer- Achieving an Acceptable level of: Confidentiality, Integrity and Availability(CIA Triad). 2. The Three Control Types: Administrative, Technical and Physical. 3. The Seven Security Measures, Safeguards or Countermeasures: Preventive, Detective, Deterrent, Corrective, Recovery, Compensative and Directive. CIA Triad Admin Tech Physical Prevent, Detect, Deter, Correct, Recover, Compensate, Direct
Regulations, Governance and Frameworks ● Regulation is the overarching concept that drives Governance and Frameworks for necessary compliance and enforcements. ● Governance is the framework of authority and accountability that defines and controls the outputs, outcomes and benefits from projects, programmes and portfolios. The mechanism whereby the investing organisation exerts financial and technical control over the deployment of the work and the realisation of value. ● A framework is a conceptual structure defined by the governance of an organisation to set out policies within the company.
Importance of Regulations and Frameworks ● Promotes good Security Posture and Culture. ● Promotes Clean Hygiene in your Processes. ● Assurance that you are aligned with Best Practices. ● Accurate posture when combined with GAP Analysis. ● You cannot go wrong with Regulations……..
International Regulations and Frameworks •ECPA-Electronics Communications Privacy Act. •GLBA-Graham Leach Bliley Act •SOX-Sarbanes-Oxley Act. •HIPAA-Health Insurance Portability and Accountability Act. •FERPA-Family Educational Rights and Privacy Act. •DMCA-The Digital Millennium Copyright Act. •European Union Data Directive(Privacy Regulatory) on Personally Identifiable Information-PII. •The Privacy Shield(replacement of US Safe Harbor) for countries outside EU in need of EU Citizens data consent: Canada(PIPEDA), Australia, Argentina, EFTA(Switzerland, Iceland and Others), Asia Pacific Economic Corporations) and other Companies through Contractual bindings.
Links to Some International Frameworks ❖ https://www.iso.org/isoiec-27001-information-security.html ❖ https://csrc.nist.gov/Projects/risk-management/sp800-53- controls/ ❖ https://www.pcisecuritystandards.org/pci_security/ ❖ https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html ❖ https://www.cisa.gov/federal-information-security- modernization-act ❖ https://www.ftc.gov/tips-advice/business-center/privacy-and- security/gramm-leach-bliley-act ❖ https://www.hhs.gov/hipaa/index.html
Nigerian Cyber Security Frameworks and Initiatives 1. National CyberSecurity Policy and Strategy- NCPS. https://education.gov.ng/national- cybersecurity-policy-and-strategy-2021/#1 2. Nigeria Data Protection Regulation-NDPR. https://nitda.gov.ng/wp- content/uploads/2021/01/NDPR- Implementation-Framework.pdf 3. Other Frameworks and Regulatory ACTs from NCC, CBN and others.
How Regulated is Nigeria across All Sectors and Industries? ● Could only be ascertained and measured with Synergy and Collaborations with All Governing Bodies and Key Players of the various Industries but it has to be driven from ONSA. ● The involvement of All Key Players of the various Bodies would ensure all areas and Critical Paths are well outlined. ● Customization of the Standard and International Regulations around each Sector highly depends on the jurisdiction of the Nation. The Location and what should apply. ● Already existing Regulations should be enforced and tested globally to ensure alignment with other developed Countries especially that of NDPR. ● The publicity with fines that go with violations should be catchy and lets those in Diaspora understand the regulations that apply here too when it has to do with relative transfer and exchange of Information. ● ONSA should map out a sub-section tagged Cyber Security Alliance to drive the Regulations and enforcements
The Regulation Structure ONSA Parliament Commissioning Bodies Regulatory Bodies Contratual and standards •The Forces •Law Enforcement •All Public Sectors: •Education •Transportation •Health •Trades and Commerce •Immigration •National Population •National Communications •National Identity •Revenues •Postal Services •NITDA •ICT • Others EFCC NFIU CBN Others Governance of any firm outside the government Private Sector
Conclusion ● Running with Regulations is achievable if we could apply the concept of The National Security Alliance. ● Most Key Industries are already aligning their processes with Standard Regulations, identify them and inculcate them into the Cyber Security Alliance group to represent each industry under the various Sectors.
Thank You!

More Related Content

PDF
UN Singapore Cyber Programme 15 july19
consultancyss
 
PDF
Combating cyber crimes chinatu
Chinatu Uzuegbu
 
DOCX
Chapter 3.docx
Amir Khan
 
PPTX
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
PPTX
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 
PDF
Cyber Security Regulatory Landscape
Samir Pawaskar
 
PPTX
National cyber security policy final
Indian Air Force
 
PPTX
DOC-20250530-WA0008.pptx.................
salmannawaz6566504
 
UN Singapore Cyber Programme 15 july19
consultancyss
 
Combating cyber crimes chinatu
Chinatu Uzuegbu
 
Chapter 3.docx
Amir Khan
 
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 
Cyber Security Regulatory Landscape
Samir Pawaskar
 
National cyber security policy final
Indian Air Force
 
DOC-20250530-WA0008.pptx.................
salmannawaz6566504
 

Similar to The Nigerian Cybersecurity Space-How Regulated Are We? (20)

PDF
Research report cybersecurity strategy development- gerald & jeremy
Gerald Ogoko
 
PPTX
Types of Security in Industrial Security
RJCubillo
 
PDF
Internet safety and security strategies for building an internet safety wall
Commonwealth Telecommunications Organisation
 
PDF
Safeguarding UAE's Digital Infrastructure: Network Security
Super52
 
PDF
Forecast cybersecurity regulation v3
Joe Orlando
 
DOCX
Analyze1. Foreign Stocka. Samsung Electronics LTD. (Korean St.docx
justine1simpson78276
 
ODT
Ch.5 rq (1)
anthnydvs
 
PPTX
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
PDF
How to Comply With Saudi Arabia’s National Cybersecurity Regulations.pdf
Bluechip Advanced Technologies
 
PPTX
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
Jack Whitsitt
 
PPTX
Roberto Reale - Governing Information Security
Legal Hackers Roma
 
PPTX
Governing Information Security
Roberto Reale
 
PPTX
NIS 2 and details about implementation - WatchGuard
zcexve
 
PDF
Module 7.pdf
Sitamarhi Institute of Technology
 
PDF
Module 7 Cyber Laws and Forensic
Sitamarhi Institute of Technology
 
PDF
U.S. Approach to Cybersecurity Governance
Gwanhoo Lee
 
PDF
Mastering NIST CSF 2.0 - The New Govern Function.pdf
Bachir Benyammi
 
PDF
NIST Cybersecurity Framework 101
Erick Kish, U.S. Commercial Service
 
PDF
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
Cohesive Networks
 
PPTX
introduction to cyber forensics, digital
Srinivas Kanakala
 
Research report cybersecurity strategy development- gerald & jeremy
Gerald Ogoko
 
Types of Security in Industrial Security
RJCubillo
 
Internet safety and security strategies for building an internet safety wall
Commonwealth Telecommunications Organisation
 
Safeguarding UAE's Digital Infrastructure: Network Security
Super52
 
Forecast cybersecurity regulation v3
Joe Orlando
 
Analyze1. Foreign Stocka. Samsung Electronics LTD. (Korean St.docx
justine1simpson78276
 
Ch.5 rq (1)
anthnydvs
 
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
How to Comply With Saudi Arabia’s National Cybersecurity Regulations.pdf
Bluechip Advanced Technologies
 
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
Jack Whitsitt
 
Roberto Reale - Governing Information Security
Legal Hackers Roma
 
Governing Information Security
Roberto Reale
 
NIS 2 and details about implementation - WatchGuard
zcexve
 
Module 7.pdf
Sitamarhi Institute of Technology
 
Module 7 Cyber Laws and Forensic
Sitamarhi Institute of Technology
 
U.S. Approach to Cybersecurity Governance
Gwanhoo Lee
 
Mastering NIST CSF 2.0 - The New Govern Function.pdf
Bachir Benyammi
 
NIST Cybersecurity Framework 101
Erick Kish, U.S. Commercial Service
 
The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...
Cohesive Networks
 
introduction to cyber forensics, digital
Srinivas Kanakala
 
Ad

More from Chinatu Uzuegbu (19)

PDF
Business Process Revamp is Paramount in 2024.pdf
Chinatu Uzuegbu
 
PDF
Preventing Cloud Data Breaches.pdf
Chinatu Uzuegbu
 
PPTX
Securing The Clouds Proactively-BlackisTech.pptx
Chinatu Uzuegbu
 
PDF
Securing The Clouds with The Standard Best Practices-1.pdf
Chinatu Uzuegbu
 
PDF
World Password Management Day, 2023.pdf
Chinatu Uzuegbu
 
PDF
Fundamentals for Stronger Cloud Security2.pdf
Chinatu Uzuegbu
 
PDF
Effectiveness of Cyber Security Awareness.pdf
Chinatu Uzuegbu
 
PDF
What The Cyber Entails-2.pdf
Chinatu Uzuegbu
 
PDF
What The Cyber Entails-1.pdf
Chinatu Uzuegbu
 
PDF
Combating Cyber Crimes Proactively.pdf
Chinatu Uzuegbu
 
PDF
Identity & Access Management Day 2022.pdf
Chinatu Uzuegbu
 
PDF
Understanding Identity Management and Security.
Chinatu Uzuegbu
 
PDF
Practical approach to combating cyber crimes
Chinatu Uzuegbu
 
PPSX
Cyber Security Awareness Month 2017-Wrap-Up
Chinatu Uzuegbu
 
PPSX
Cyber Security Awareness Month 2017-Nugget 6
Chinatu Uzuegbu
 
PDF
Cyber crime (prohibition,prevention,etc)_act,_2015
Chinatu Uzuegbu
 
PPSX
Cyber Security Awareness Month 2017-Nugget 3
Chinatu Uzuegbu
 
PPSX
Cyber Security Awareness Month 2017- Nugget2
Chinatu Uzuegbu
 
PPSX
Cyber Security Awareness Month 2017
Chinatu Uzuegbu
 
Business Process Revamp is Paramount in 2024.pdf
Chinatu Uzuegbu
 
Preventing Cloud Data Breaches.pdf
Chinatu Uzuegbu
 
Securing The Clouds Proactively-BlackisTech.pptx
Chinatu Uzuegbu
 
Securing The Clouds with The Standard Best Practices-1.pdf
Chinatu Uzuegbu
 
World Password Management Day, 2023.pdf
Chinatu Uzuegbu
 
Fundamentals for Stronger Cloud Security2.pdf
Chinatu Uzuegbu
 
Effectiveness of Cyber Security Awareness.pdf
Chinatu Uzuegbu
 
What The Cyber Entails-2.pdf
Chinatu Uzuegbu
 
What The Cyber Entails-1.pdf
Chinatu Uzuegbu
 
Combating Cyber Crimes Proactively.pdf
Chinatu Uzuegbu
 
Identity & Access Management Day 2022.pdf
Chinatu Uzuegbu
 
Understanding Identity Management and Security.
Chinatu Uzuegbu
 
Practical approach to combating cyber crimes
Chinatu Uzuegbu
 
Cyber Security Awareness Month 2017-Wrap-Up
Chinatu Uzuegbu
 
Cyber Security Awareness Month 2017-Nugget 6
Chinatu Uzuegbu
 
Cyber crime (prohibition,prevention,etc)_act,_2015
Chinatu Uzuegbu
 
Cyber Security Awareness Month 2017-Nugget 3
Chinatu Uzuegbu
 
Cyber Security Awareness Month 2017- Nugget2
Chinatu Uzuegbu
 
Cyber Security Awareness Month 2017
Chinatu Uzuegbu
 
Ad

Recently uploaded (20)

PPTX
Robotics_Presentation.pptxdhdrhdrrhdrhdrhdrrh
JalArquiza
 
PDF
Item # 8 - 218 Primrose Place variance req.
ahcitycouncil
 
PPTX
Monitoring Evaluation Accountability and Learning Powerpoint by Abraham
Abraham Lebeza
 
PPTX
Workshop introduction and objectives. SK.pptx
Ahmed Ali
 
PDF
Global Intergenerational Week Impact Report
kshitija69
 
PPTX
Chapter 1: Philippines constitution laws
cesarodan04
 
PDF
AAAAAAAAAAAAAAAAAaaaaaaaAAAAAAAt - ĐV.pdf
nguyenthihamy2003aa
 
PDF
PPT Item # 10 -- Proposed 2025 Tax Rate
ahcitycouncil
 
PPTX
Workshop-Session-1-LGU-WFP-Formulation.pptx
matalomrhu
 
PDF
The Landscape Catalogues of Catalonia. From landscape characterization to action
Pere Sala i Martí
 
PPTX
20231018_SRP Tanzania_IRC2023 FAO side event.pptx
KulwaFurahisha
 
PDF
Item # 10 -- Set Proposed 2025 Tax Rate
ahcitycouncil
 
PPTX
Water-Energy-Food (WEF) Nexus interventions, policy, and action in the MENA r...
Ahmed Ali
 
PPT
Republic Act 9729 Climate Change Adaptation
ryeanthony1
 
PPTX
Key Points of 2025 ORAOHRA of the CSC from CSI
bingeaocoo
 
PPTX
International Tracking Project Unloading Guidance Manual V1 (1) 1.pptx
usmanshah2319
 
PDF
An Easy Approach to Kerala Service Rules
arunrj1977
 
PPT
An Introduction To National Savings CDNS.ppt
zash11
 
PDF
2024-Need-Assessment-Report-March-2025.pdf
youngmeninitiativeba
 
PPTX
SUKANYA SAMRIDDHI YOJANA RESEARCH REPORT AIMS OBJECTIVES ITS PROVISION AND IM...
NishiSinha18
 
Robotics_Presentation.pptxdhdrhdrrhdrhdrhdrrh
JalArquiza
 
Item # 8 - 218 Primrose Place variance req.
ahcitycouncil
 
Monitoring Evaluation Accountability and Learning Powerpoint by Abraham
Abraham Lebeza
 
Workshop introduction and objectives. SK.pptx
Ahmed Ali
 
Global Intergenerational Week Impact Report
kshitija69
 
Chapter 1: Philippines constitution laws
cesarodan04
 
AAAAAAAAAAAAAAAAAaaaaaaaAAAAAAAt - ĐV.pdf
nguyenthihamy2003aa
 
PPT Item # 10 -- Proposed 2025 Tax Rate
ahcitycouncil
 
Workshop-Session-1-LGU-WFP-Formulation.pptx
matalomrhu
 
The Landscape Catalogues of Catalonia. From landscape characterization to action
Pere Sala i Martí
 
20231018_SRP Tanzania_IRC2023 FAO side event.pptx
KulwaFurahisha
 
Item # 10 -- Set Proposed 2025 Tax Rate
ahcitycouncil
 
Water-Energy-Food (WEF) Nexus interventions, policy, and action in the MENA r...
Ahmed Ali
 
Republic Act 9729 Climate Change Adaptation
ryeanthony1
 
Key Points of 2025 ORAOHRA of the CSC from CSI
bingeaocoo
 
International Tracking Project Unloading Guidance Manual V1 (1) 1.pptx
usmanshah2319
 
An Easy Approach to Kerala Service Rules
arunrj1977
 
An Introduction To National Savings CDNS.ppt
zash11
 
2024-Need-Assessment-Report-March-2025.pdf
youngmeninitiativeba
 
SUKANYA SAMRIDDHI YOJANA RESEARCH REPORT AIMS OBJECTIVES ITS PROVISION AND IM...
NishiSinha18
 

The Nigerian Cybersecurity Space-How Regulated Are We?

  • 1. The Nigerian Cybersecurity Space – How Regulated? Who Regulates? Starring: Chinatu Uzuegbu CCISO, CISSP, CISM, CISA, CEH, …… CyberSecurity Consultant RoseTech THE SENATE, FEDERAL REPUBLIC OF NIGERIA, Committee on ICT and Cybercrime event Theme: The Digital Theatre and the Future of Nigeria
  • 2. Chinatu Uzuegbu ❖ Managing Cyber Security Consultant, RoseTech. ❖ Founding Past President, (ISC)2 Nigeria Chapter. ❖ Member, Global (ISC)2 Chapter Advisory Committee(CAC). ❖ Member, VigiTrust Advisory Board, Ireland. ❖ Mentor, Open Cyber Security Mentorship Program(OCMP), AfrHackton and Cyber in Africa Initiative. ❖ Global Ambassador, WomenTech Network ❖ Finalist, Top 50 Women in Cybersecurity, Africa, 2020 ❖ Alumni, London Graduate School in Collaboration with CommonWealth University- Dubai Leadership Summit. 2020 ❖ Alumni, University of Liverpool- MSc. Information Systems Management ❖ Alumni, University of Port Harcourt-BSc. Computer science & Maths. ❖ Over 15 years Wealth of experience in IT and 10 years in Information Security with FIs, Manufacturing and Computer Firms. ❖ Professionally:CCISO, CISSP, CISM, CISA, CEH and other related IT Certifications. ❖ Professional Membership: (ISC)2, ISACA, EC-COUNCIL, CSEAN. ❖ Participated and Attended both International and Local Conferences. ❖ Aside Profession, inclined to Learning New Things, Reading, Cooking and Adventures. ❖ Open to Cyber Security Related Services.
  • 3. Preamble Cyber Cyber Security CyberSpace The Communication and Interoperable Handshakes of The Cybernetics with Pictorial illustration. Concept of the CIA Triad, the approach to securing The CyberSpace. Concept of The Cybernetics The CyberSpace of a Nation The Global National Security Alliance Perspective The Conceptual and Contextual Approach You can’t go wrong with GAP Analysis/Checklist Laws, Regulations, Frameworks and Governance International Regulations and Frameworks How Regulated is Nigeria across All Sectors and Industries? Seamless alignment with The Standards/Best Practices is the way to go! The SMART principle approach would help. Importance of Regulations and Frameworks Who Regulates in Nigeria? Key Players of the various Industries overseen by ONSA. Conclusion
  • 4. Cyber The Concept of The Cybernetics ❖ Coined out from the word Cybernetics. ❖ Cybernetics is the study of Medical Science, Biological Science, Applied Science, Natural Science, Engineering, Electronic devices, Data, Information, Artificial Intelligence, Machine Learning , Infrastructures, Computers, Laptops, Technology, Communications, and other related systems with the aim of promoting good governance and Control around the inter-connectivity and interoperability of these elements- The Cybernetic Elements. ❖ Cybernetics is derived from the Greek word Kybernetes meaning a Person in Control, more like a Man on the Steering for a long drive.
  • 6. The CyberSpace of a Nation ONSA Parliament Commissioning Bodies Regulatory Bodies Contratual and standards •The Forces •Law Enforcement •All Public Sectors: •Education •Transportation •Health •Trades and Commerce •Immigration •National Population •National Communications •National Identity •Revenues •Postal Services •NITDA •ICT • Others EFCC NFIU CBN Others Governance of any firm outside the government Private Sector
  • 7. Cyber Security The Concept of The CIA Triad ❖ The Process or act of protecting your Cybernetic Elements from Undue Disclosure, Modification and Destruction. ❖ The Process or act of protecting our Cybernetic Elements based on the acceptable level of Confidentiality, Integrity and Availability-The CIA Triad. ❖ The CIA Triad is generally seen as the philosophy of Cyber Security: ➢ Confidentiality- The act of protecting the Cybernetic elements from unauthorised Disclosure ➢ Integrity- The act of protecting the Cybernetic elements from unauthorised Modification. ➢ Availability- The act of protecting the Cybernetic Elements from unauthorised Destruction. The other side of the coin Modification
  • 8. The Philosophy of Cyber Security The philosophy of Cyber Security can be categorised into three Layers: 1. The Focused or Objective Layer- Achieving an Acceptable level of: Confidentiality, Integrity and Availability(CIA Triad). 2. The Three Control Types: Administrative, Technical and Physical. 3. The Seven Security Measures, Safeguards or Countermeasures: Preventive, Detective, Deterrent, Corrective, Recovery, Compensative and Directive. CIA Triad Admin Tech Physical Prevent, Detect, Deter, Correct, Recover, Compensate, Direct
  • 9. Regulations, Governance and Frameworks ● Regulation is the overarching concept that drives Governance and Frameworks for necessary compliance and enforcements. ● Governance is the framework of authority and accountability that defines and controls the outputs, outcomes and benefits from projects, programmes and portfolios. The mechanism whereby the investing organisation exerts financial and technical control over the deployment of the work and the realisation of value. ● A framework is a conceptual structure defined by the governance of an organisation to set out policies within the company.
  • 10. Importance of Regulations and Frameworks ● Promotes good Security Posture and Culture. ● Promotes Clean Hygiene in your Processes. ● Assurance that you are aligned with Best Practices. ● Accurate posture when combined with GAP Analysis. ● You cannot go wrong with Regulations……..
  • 11. International Regulations and Frameworks •ECPA-Electronics Communications Privacy Act. •GLBA-Graham Leach Bliley Act •SOX-Sarbanes-Oxley Act. •HIPAA-Health Insurance Portability and Accountability Act. •FERPA-Family Educational Rights and Privacy Act. •DMCA-The Digital Millennium Copyright Act. •European Union Data Directive(Privacy Regulatory) on Personally Identifiable Information-PII. •The Privacy Shield(replacement of US Safe Harbor) for countries outside EU in need of EU Citizens data consent: Canada(PIPEDA), Australia, Argentina, EFTA(Switzerland, Iceland and Others), Asia Pacific Economic Corporations) and other Companies through Contractual bindings.
  • 12. Links to Some International Frameworks ❖ https://www.iso.org/isoiec-27001-information-security.html ❖ https://csrc.nist.gov/Projects/risk-management/sp800-53- controls/ ❖ https://www.pcisecuritystandards.org/pci_security/ ❖ https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html ❖ https://www.cisa.gov/federal-information-security- modernization-act ❖ https://www.ftc.gov/tips-advice/business-center/privacy-and- security/gramm-leach-bliley-act ❖ https://www.hhs.gov/hipaa/index.html
  • 13. Nigerian Cyber Security Frameworks and Initiatives 1. National CyberSecurity Policy and Strategy- NCPS. https://education.gov.ng/national- cybersecurity-policy-and-strategy-2021/#1 2. Nigeria Data Protection Regulation-NDPR. https://nitda.gov.ng/wp- content/uploads/2021/01/NDPR- Implementation-Framework.pdf 3. Other Frameworks and Regulatory ACTs from NCC, CBN and others.
  • 14. How Regulated is Nigeria across All Sectors and Industries? ● Could only be ascertained and measured with Synergy and Collaborations with All Governing Bodies and Key Players of the various Industries but it has to be driven from ONSA. ● The involvement of All Key Players of the various Bodies would ensure all areas and Critical Paths are well outlined. ● Customization of the Standard and International Regulations around each Sector highly depends on the jurisdiction of the Nation. The Location and what should apply. ● Already existing Regulations should be enforced and tested globally to ensure alignment with other developed Countries especially that of NDPR. ● The publicity with fines that go with violations should be catchy and lets those in Diaspora understand the regulations that apply here too when it has to do with relative transfer and exchange of Information. ● ONSA should map out a sub-section tagged Cyber Security Alliance to drive the Regulations and enforcements
  • 15. The Regulation Structure ONSA Parliament Commissioning Bodies Regulatory Bodies Contratual and standards •The Forces •Law Enforcement •All Public Sectors: •Education •Transportation •Health •Trades and Commerce •Immigration •National Population •National Communications •National Identity •Revenues •Postal Services •NITDA •ICT • Others EFCC NFIU CBN Others Governance of any firm outside the government Private Sector
  • 16. Conclusion ● Running with Regulations is achievable if we could apply the concept of The National Security Alliance. ● Most Key Industries are already aligning their processes with Standard Regulations, identify them and inculcate them into the Cyber Security Alliance group to represent each industry under the various Sectors.