An analyst at the Defence Space Administration, Nigeria, Elizabeth Kolade was named in the list of ‘One to watch: Security’ for the IFSEC Global Influencers in Security and Fire 2021. Julian Hall put some quickfire questions to her on the trends and issues she’s witnessing in the sector.
Elizabeth Kolade
Elizabeth Kolade is a Cyber Security Analyst with the Defence Space Administration, Nigeria. She has expertise in Incident Handling and Response, Open-source Intelligence and Cyber Diplomacy and has been involved in the strategy, creation and implementation of security measures and the delivery of cyber security awareness across critical organisations. She has embarked on numerous campaigns to promote end-user security education in and outside Nigeria.
Elizabeth is a Fellow of the Young African Leaders Initiative (YALI) and has been a part of several multi-stakeholder engagements on Cyber Security within and beyond Africa. In 2020, Elizabeth was listed as one of the Top 50 Women in Cybersecurity in Africa. She is a long-serving member of the Cyber Security Experts Association of Nigeria (CSEAN) and remains an avid advocate for the education of women in technology.
Julian Hall (JH): What are the most pressing issues in the cyber security sector right now?
Elizabeth Kolade (EK): The rise of Ransomware. Ransomware has become somewhat lucrative, as we have witnessed an increased willingness on the part of victims to pay demands. While end user awareness is increasing, attacks are still on the rise. This may be as a result of the relevant staff not implementing measures to tackle the problems they have faced.
Other issues include cyberwarfare, adoption of cloud technology and the decentralised nature of networks, which has widened the threat landscape and spurred new attack vectors.
JH: What exciting trends should we be looking out for in security?
EK: The next couple of years will feature the development of exciting trends such as artificial intelligence, blockchain technology and quantum computing. We will start to see how these will influence security, both as attack vectors and as instruments in the development of cyber security solutions.
JH: How is AI being used in the cyber security sector?
EK: As more digital devices and services are added to our technological infrastructure, the threat landscape widens and attacks become more sophisticated. This obviously impacts heavily on the responsibilities of security teams. Artificial intelligence (AI) has, therefore, become a very handy phenomenon in helping security teams cope with the constantly rising rate of cyber security incidents. AI is being used to automate security tasks and improve threat detection, prevention procedures and threat intelligence. It also carries out analysis, among other functions. Security vendors have also improved their products by developing AI-based solutions, helping security teams to perform tasks more quickly and efficiently.
However, we must also recognise that AI is a double-edged sword. While it is used to enhance security operations, it is also employed by threat actors to increase the complexity of their attacks. It is, therefore, imperative that we constantly explore ways to use AI and related emerging technologies to give security the edge.
JH: How has the pandemic affected security? And do you see it having a lasting effect?
EK: The pandemic has influenced work as we know it. While we had employed some measure of remote working pre-pandemic, we were forced to embrace it to a much greater extent. This has resulted in a rapid adoption of infrastructure – including cloud services – with security as an afterthought. If action is not taken in the near future, some of the choices and configurations made during this period will result in security vulnerabilities.
We have also witnessed, and will continue to witness, more attacks focused on users rather than organisations.
JH: Can you tell us more about the campaigns to promote end-user security education in and outside Nigeria?
EK: There are several initiatives that promote end user security education in Nigeria. Some of them include Cybersecurity Awareness Campaigns by the Cyber Security Experts Association of Nigeria (CSEAN) Safe Online by CCHub and NoGoFallMaga Campaign by the CyberSafe Foundation. These non-profit organisations use infographics, video skits, radio and television shows and public discussions to demystify cyber security safe practices to the everyday user of digital devices and services in Nigeria. Additionally, one of the key initiatives of Nigeria’s National Cybersecurity Policy and Strategy (NCPS) 2021 is raising end user awareness in conjunction with all relevant stakeholders. This initiative aims to complement existing initiatives by leveraging social media and mainstream media to initiate public discussions.
A number of organisations in Nigeria have also adopted the National Cyber Security Awareness Month (NCSAM) initiative in October, and are hosting several programmes, workshops and initiatives to educate the people on safe use of the internet and digital services.
JH: Are you witnessing a more collaborative approach between physical and cyber security teams?
EK: We have had many discussions on the convergence of physical and cyber security and published various reports on it. While we are yet to experience a full harmonisation of the two, organisations are realising the importance of cyber security, and this is influencing their approach to harmonisation.
Though some convergence has been achieved at the technical level, it is yet to be achieved at the organisational level. Effective cyber security is harmed when physical security is compromised and vice versa. Therefore, in order to achieve a more effective, integrated and secure system, there is a need for convergence to happen at both levels.
