Cybersecurity experts have warned that Nigerian banks must urgently invest more in defences as cybercrime continues to drain billions from the sector.
According to a report by the Nigeria Inter-Bank Settlement System (NIBSS), financial institutions in Nigeria lost N52.26 billion to fraud in 2024 , and that represents a 195% increase in loss compared with N17.-67 billion recorded in 2023.
Speaking at a cybersecurity forum organized by Bitscape, the experts noted that the speed at which AI and cloud technologies are evolving has given hackers more sophisticated tools, making it critical for financial institutions to step up their investments in security.
The threat landscape
Executive Director of Bitscape, Mr. Nonso Magulike, noted that while some banks are currently doing their best in terms of investments, a lot still needs to be done to keep up with the pace of sophistication in the threat landscape.
“The evolution of cloud and AI is moving very quickly. This means that bad actors can do things at a rate that is quite high. So, banks need to keep investing,” he said.
- While noting that the Nigerian financial industry is currently moving in the right direction, going by the current level of investment and the regulatory oversights, he said every business must be extra vigilant.
- Magulike explained that Bitscape organised the event to help businesses, especially small and medium-sized firms, understand that cybersecurity does not always have to be expensive.
“Some larger banks have big budgets for cybersecurity, but smaller organisations often don’t understand the risks or the fact that there are cost-effective solutions available. That’s why we brought stakeholders and experts together to share practical solutions that address everyday risks,” he said.
He added that effective risk mitigation goes beyond firewalls and software, requiring a holistic approach that combines people, technology, and processes.
AI as a double-edged sword
Also speaking at the forum against the backdrop of AI and the threat landscape, Chief Information Security Officer at DLM Capital, Mr. Frank Egwakhide, stressed that AI could be used both to strengthen defenses and to launch more complex attacks.
“AI is like a two-edged sword. Hackers are already using it, so organisations must also use AI for detection and prevention,” Egwakhide said.
“You cannot have a hacker coming with an AI tool while you are still relying on manual detection. It has to be AI versus AI,” he added.
- Similarly, Head of Compliance at Crystal Finance, Mr. Ayodeji Faleto, noted that AI is empowering hackers to deploy new methods to penetrate businesses. He said businesses must also respond with ethical use of AI to defend their systems.
- Speaking on compliance, Faleto highlighted the role of regulators in raising awareness and enforcing standards, but urged firms to go beyond surface-level compliance.
“Regulators are trying their best, but corporate organisations must ensure that compliance goes beyond ticking boxes. The real question is: even when regulators are not watching, can your systems stand the test of time?”, Faleto said.
What you should know
A recent report by cybersecurity firm Sophos, had revealed that despite 65% of organizations adopting generative artificial intelligence (GenAI) capabilities, 89% of IT leaders across the globe are worried that vulnerabilities in AI-powered cybersecurity tools could expose their companies to risks.
The report, “Beyond the Hype: The Business Reality of AI for Cybersecurity, “surveyed 400 IT leaders on the use of AI-driven security solutions.
Findings suggest that while AI is widely embedded in cybersecurity infrastructure, as 98% of organizations surveyed confirmed its use, the concerns about over-reliance on AI remain high.
