Mr. Eyal Titinger is partner at CyberDome. In this interview with the media, he speaks on the implications of the high rate of global security breaches and the need for organisations to constantly review their online security policies and comply with the Nigerian Cyber Act and regulations to address such breaches. Excepts:
Dangers of cybersecurity in Nigeria
According to Section 21 of the cyber law, it is very important for organisations to inform the public of any breach of security. We do know that breaches happen, which can be due to many factors, from inside or outside of the organisation, and the law is clear on this. These breaches should as a matter of transparency be known to the public. It’s never good to have secrets, they are hard to keep. In terms of the broader picture of Nigeria as a nation, every person has a right to know that he has been breached, and there should be laws in place to support that. I also think that organisations that adopt this policy of disclosure would build tremendous trust with their customers.
Paradigm shift in cybersecurity from CapEx to OpEx
The capital expenditure (CapEx) and operating expenditure (OpEx) transition reflects a global trend, as we see the intensive transition to the cloud. In our case, this is even more significant, even if we assume that the organisation has enough money to build such a cyber-system, regular maintenance, renewable licenses, and building capacity. All these can kill the cyber operation, and don’t forget, this is not even the core business of this organisation, CyberDome has a multimillion-dollar investment in cyber technology, we have a very innovative centre located in Abuja, and our team has the expertise.
What is CyberDome all about and what do you offer?
CyberDome is a cybersecurity and research firm located in Abuja, with branches in Israel and the USA. We provide bespoke cyber services such as analysis, critical infrastructure and defence mechanisms. Every cyber solution we have is tailored to the organisation’s specific threat landscape, as well as their industry and market to enable them anticipate breaches before they occur. The platform that we set up for each client provides them with the ability to respond quickly, decisively and effectively. CyberDome maintains an up to date threat intelligence database from all over the world and real-time discovery of cyber attacks. We are constantly adding new technology and artificial intelligence (AI) innovations to our portfolio to keep ahead of the curve. CyberDome is a next-generation managed security service provider (MSSP). We are currently the only facility in the country today offering twofold; it is round-the-clock security monitoring and advanced data breach prevention service with full-service solutions portfolio to meet all security risks. We deploy the complete installation of Cyber Security Operations Centers (SOC) at the client’s site or to enable CyberDome to provide on-site services on behalf of the client. In the area of capacity-building, CyberDome’s academy courses are certified; we provide capacity-building and all trainings are customised based on the organisation’s needs.
Why would organisations outsource part of their cyber operations to an organisation like CyberDome?
We don’t have the credentials of the customer; we only analyze the logs. This is one thing that differentiates us from the rest. Unlike others, we only analyze logs, we do not ask for login credentials. This has made a lot of people have confidence in us.
Managed security services and an on-premises solution
The customer should ask himself if he is ready to pay the high initial capital investment and operational costs of an individual on-site cyber solution. Is he ready to increase his workforce to handle the demand of on-premises cyber department? Does his team dedicate the appropriate amount of time to reviewing logs and customising alerts without impacting daily operations? Does he have the right workforce to deal with him? If they answer no to any of these questions, then their organisations may want to consider managed security services. By working with CyberDome, customers will have 24/7 security support, with a tailored cyber solution aligned with their business goals and objectives at an affordable price, with no need for upfront investment. And with the shortage of cyber professionals, staffing the operations are completely our responsibility.
Are you in line with Nigeria’s Cyber Act and Regulations?
Apart from being a top-notch cybersecurity firm that is focused on providing innovative cybersecurity solutions in Nigeria, we are a combination of Israeli and Nigerian. We are a fully Nigerian firm located in Abuja that ensures that we adhere strictly to the laws and regulations of the country. We offer cybersecurity as a service in this country. According to the Nigeria Information Technology Development Agency (NITDA), we are mandated to have all the data domiciled in Nigeria, we are in tune with this mandate. As a Nigerian firm, we ensure that we localise our solutions to suit Nigerian firms. Our entire database is in Nigeria and this is in line with the Nigerian Cyber Act law and NITDA. We have invested so much in Nigeria that we want Nigerians to experience the expertise, technology and service.
CyberDome’s cybersecurity solutions
Our security solution is based on the most innovative technologies available in the market today, with highly experienced and highly skilled people and if you come to us, we will provide you with the protection that you need in a short time. You connect to our platform and it will fulfil its mandate. As a customer, all you need is tell us what you want, you don’t even need to pay anything until you see how our solution works. I know that, in Nigeria, there is a lot of cyber talk, but perhaps a little less doing in terms of its complexities. We cover the entire life cycle of security operations: prevention, detection, response and investigation.
Is the Cybersecurity Act in tandem with what is applicable in other climes?
Well, Nigeria is in good shape as it pertains to the regulations, but we are a little bit lacking in implementation and in the ability to catch the criminals. This implementation requires technology and expertise, as per Nigerian data protection regulations and cyber act laws. But, overall, Nigerian security laws are great. I must say we must start looking at full implementation and building capacity in this space. We are here to support the implementation of these regulations. Regulations are key, but we must execute implementation and experzz zzzztise.
Advise to organisations
Well, my advice is simple, I would advise that they concentrate on their core business and leave their cybersecurity protection for people like us to handle it for them. In today’s world, organisations are tilting towards outsourcing and we have organisations that can handle this cyber security for these firms. Let the competent hands take care of this on or off premises. So, concentrate on your core business. You do not need to put so much resources or funding in cybersecurity today. The best thing organisations should do is to outsource and let the professionals handle it.
How safe is data in the hands of cybersecurity firms like yours?
Well, it depends on the cybersecurity solution provider they are engaging, but ours is a different approach. With our AI approach, we don’t need to have access to customers’ data, credentials or logs. This is what makes us unique from others; all we need is to collect the logs and analyze the logs. We have been in conversation with NITDA and Galaxy Backbone, among others, and we have worked with the government and the issue of trust shouldn’t arise because we have a reputation here.
Our company is divided into various levels of intelligence: Incidence response to penetration testing and ethical hacking. We ensure that we have a dedicated support system for Nigerian firms in the case of any breach. We take the matter of support very seriously here in CyberDome. Our incidence response is located in the country, we have that in place and our customers can testify to this.
How is CyberDome contributing to changing this narrative?
Capacity-building is a critical area in the provision of cyber security solution anywhere in the world. As an organisation, we are doing our best to bridge these gaps in our own little way. Our Cyber Academy provides professional instruction for cyber security experts to further develop their skills as cyber forensic information technology scientists and information security professionals. CyberDome instructors are among the leading professional trainers and information security specialists that are not only trainers, but are also practicing professionals, performing regular incident response and processing digital forensic cases. All of our professional courses are taught at several levels, and we can customise training courses based on the needs of the organisation. We believe Nigerians will have access to our facilities and benefit from them.