by: abdul-hakeem ajijola - nigeria computer society...by: abdul-hakeem ajijola...

Presentation at the

of the

Theme:

Presentation at the

of the

Theme:

by:

Abdul-Hakeem Ajijola

[email protected] International Hotel, Abuja, FCT Nigeria

18 July 2017

Presentation at the

of the

Theme:

Abdul-Hakeem Ajijola (.AhA) [email protected]

Presentation at the

of the

Theme:

by:

Abdul-Hakeem Ajijola

[email protected] International Hotel, Abuja, FCT Nigeria

18 July 2017

DISRUPTIVE TECHNOLOGIES

Advances thatwill transformlife, business,and the globaleconomy.www.mckinsey.com/business-functions/digital-mckinsey/.../disruptive-technologies

A disruptive technologyis one that displaces anestablished technologyand shakes up theindustry or a ground-breaking product thatcreates a completelynew industry. Professor Clayton M.Christensen, Harvard Business School, 1997 bookentitled, The Innovator’s Dilemma (Management ofInnovation and Change).http://www.amazon.co.uk/gp/product/1633691780/ref=as_li_tl?ie=UTF8&camp=1634&creative=6738&creativeASIN=1633691780&linkCode=as2&tag=intelligenthq-21

Advances thatwill transformlife, business,and the globaleconomy.www.mckinsey.com/business-functions/digital-mckinsey/.../disruptive-technologies


DISRUPTIVE TECHNOLOGIES




DISRUPTIVE TECHNOLOGIES FROM THE RECENT PAST

Music

Photography

Publishing

Category Disruptive innovation Market disrupted by innovation

Academia Wikipedia Traditional encyclopaedias

Communication Telephony Telegraphy

Computinghardware

MinicomputersPersonal computersPocket calculatorDigital calculatorSmartphones

MainframesMinicomputers, Workstations. Word processors, Lispmachines3.5 standard calculator[1]Mechanical calculatorPersonalcomputers, laptops, PDAs14 inch hard disk drive

Data storage 8 inch floppy diskdrive5.25 inch floppydisk drive3.5 inch floppy diskdriveCDs and USB flashdrives

14 inch hard disk drive8 inch floppy disk drive5.25 inch floppy disk driveBernoulli driveand Zip drive

Display

Medical

Publishing

Transportation

8 inch floppy diskdrive5.25 inch floppydisk drive3.5 inch floppy diskdriveCDs and USB flashdrives

14 inch hard disk drive8 inch floppy disk drive5.25 inch floppy disk driveBernoulli driveand Zip drive

Display Light-emittingdiodesLCD LED displays

Light bulbsCRT

Manufacturing HydraulicexcavatorsMini steel mills

Plastic

Cable-operated excavatorsVertically integrated steelmillsMetal, wood and glass

Medical Ultrasound Radiography(X-ray imaging)

Source: https://en.wikipedia.org/wiki/Disruptive_innovation

DISRUPTIVE TECHNOLOGIES FROM THE RECENT PASTCategory Disruptive innovation Market disrupted by innovation

Music DigitalsynthesizerGramophoneDownloadableDigital media/Online

Electronicorgan, electricpiano and pianoPianolaCDs, DVDs

Photography DigitalphotographyHigh speedCMOS videosensors

Chemical photographyPhotographic film

Publishing ComputerprintersDesktoppublishingWordProcessing

Offset printingTraditional publishingTypewriter

Display

Medical


Publishing ComputerprintersDesktoppublishingWordProcessing

Offset printingTraditional publishingTypewriter

Transportation SteamboatsAutomobiles/CarsHigh speed railPrivate jet

Sailing shipsRail transport

Short distance flightsSupersonic transport

Display

Medical

LANDSCAPE OF CONTEMPORARY DISRUPTION

Transportation & InfrastructurePublic Safety/ Security

Internet ofThings

AutonomousSystems

MachineLearning

Public Safety/ SecurityHealth Care/ Life Sciences

FinanceIndustrial/ Manufacturing

Education

CyberSecurity Privacy Regulation

Source: Images: NASA; Roman Boed, Creative Commons BY 2.0; Brett Jordan Creative Commons BY 2.0 license; JohnTolva , Creative Commons BY-NC-SA 2.0; Michael Sean Gallagher, Creative Commons BY-SA 2.0; Office.com

LANDSCAPE OF CONTEMPORARY DISRUPTION

Transportation & InfrastructurePublic Safety/ Security

MachineLearning

Big DataAnalytics

Mass adoption ofdisruptive

technologies

Keysectors

andmarkets

Legend


Public Safety/ SecurityHealth Care/ Life Sciences

Industrial/ Manufacturing

Regulation CitizenTrust

Source: Images: NASA; Roman Boed, Creative Commons BY 2.0; Brett Jordan Creative Commons BY 2.0 license; JohnTolva , Creative Commons BY-NC-SA 2.0; Michael Sean Gallagher, Creative Commons BY-SA 2.0; Office.com

External Forces

Keysectors

andmarkets

Mobile InternetAutomation of

knowledge work Internet of Things

EXAMPLES OF DISRUPTIVE TECHNOLOGIES

BlockchainTechnology: Cloud

Autonomous orNear-Autonomous

Vehicles

3D Printing High-Speed Travel Materials

Advanced VirtualReality Advanced Robotics Artificial

Intelligence

EXAMPLES OF DISRUPTIVE TECHNOLOGIES


Next-generationGenomics

MedicalInnovations

Next generationStorage

Advanced Oil andGas Explorationand Recovery

Renewable Energy Space Colonization

Finance Technology

FINTECH: DISRUPTIVE INNOVATION IN FINANCIAL SECTOR

Source: Steve Smith https://www.ashburnham-insurance.co.uk/blog/2015/11/what-is-fintech-a-simple-explanation/

TechnologyDrivers:

Machine learning and cognitive computing

Digital currencies and blockchain

Big data analytics, optimisation and fusion

Distributed systems, mobile payments and peer-to-peerapplications

Technology

Meeting Customerneeds

Disruptingtraditional financialstructures andbusiness models

FINTECH: DISRUPTIVE INNOVATION IN FINANCIAL SECTOR

21st CenturyPhenomena

Abdul-Hakeem Ajijola (.AhA) [email protected]: Steve Smith https://www.ashburnham-insurance.co.uk/blog/2015/11/what-is-fintech-a-simple-explanation/

Machine learning and cognitive computing

Digital currencies and blockchain

Big data analytics, optimisation and fusion

Distributed systems, mobile payments and peer-to-peerapplications

21st CenturyPhenomena

SCOPE OF FINTECH

FinancialEducation Retail Banking

Investing Crypto-currencies

Core Components

Examples

Source: www.investopedia.com

Stock trading

Peer to peer lending

Robo advisory servicesAll-in-one online personalfinance management

Budgeting tools

Examples

SCOPE OF FINTECH

B2BB2B For Banks

B2BB2BFor

CorporateClients

Users


B2BFor

CorporateClients

B2CB2CFor SmallBusinessCustomers

B2CB2CForConsumer

FINTECH ECOSYSTEM

Source: http://fintechinfo.com/fintech-mind-map/?utm_content=buffer6ba6e&utm_medium=social&utm_source=pinterest.com&utm_campaign=buffer

FINTECH ECOSYSTEM


Source: http://fintechinfo.com/fintech-mind-map/?utm_content=buffer6ba6e&utm_medium=social&utm_source=pinterest.com&utm_campaign=buffer

NIGERIA FINTECH LANDSCAPE

Nigeria FintechLandscape

Paymentplatforms

BuxMe

Paga

PayPad

Etranzact

PayWithCapture

Amplify Nairabox

Bankingservices

*737*

eSuSu

“…..Banking and Fund/ Transfer/ Payments as sectorsmost likely to be disrupted over next 5 years….”

“…..Life Insurance, Auto-Insurance an Intermediaries(Brokers/ Agents)….”

PWC, Nigeria Fintech Survey 2017https://www.pwc.com/ng/en/pdf/nigeria-fintech-report-2017.pdf

Cryptocurrency

BitPesa

Loyaltyplatforms

Suregifts

FinanceManagementPiggybank

Source: David Adeleke https://techpoint.ng/2016/06/24/fintech-landscape-nigeria/

NIGERIA FINTECH LANDSCAPE

Nigeria FintechLandscape

Paymentplatforms

BuxMe SimplePay VoguePay Remita

Cashenvoy

Firstmonie

KongaPayPaystack

Paylater

C24Limited

AellaCredit


“…..Banking and Fund/ Transfer/ Payments as sectorsmost likely to be disrupted over next 5 years….”

“…..Life Insurance, Auto-Insurance an Intermediaries(Brokers/ Agents)….”

PWC, Nigeria Fintech Survey 2017https://www.pwc.com/ng/en/pdf/nigeria-fintech-report-2017.pdf

Lendingplatforms

C24Limited

RenMoney

Merchantservices

OneCredit

SlimtraderPayAttitude

Source: David Adeleke https://techpoint.ng/2016/06/24/fintech-landscape-nigeria/

SAFEGUARDING FINANCIAL STABILITY & FOSTERING FINTECH

Debate the ethical use of data

Clarify theboundaries onthe use ofcustomer datafor businesspurposes byactors in thefinancial system

Set up forum for public-private dialogue

Identify areaswhereregulations &technologyadvancement isneeded toenhance Fintechstability

Proactively set industry standards

Redefine &enforce anapproach togood conduct inlight of newtechnology-enabledinnovations

Source: World Economic Forum, https://www.weforum.org/agenda/2016/04/5-things-you-need-to-know-about-fintech/

Clarify theboundaries onthe use ofcustomer datafor businesspurposes byactors in thefinancial system

Identify areaswhereregulations &technologyadvancement isneeded toenhance Fintechstability


SAFEGUARDING FINANCIAL STABILITY & FOSTERING FINTECH

Set up forum for public-private dialogue

Proactively set industry standards


Monitor & understandFintech innovation

Ensure thatstakeholders arewell equipped tomitigate risksarising fromFintech

Abdul-Hakeem Ajijola (.AhA) [email protected]: World Economic Forum, https://www.weforum.org/agenda/2016/04/5-things-you-need-to-know-about-fintech/


Ensure thatstakeholders arewell equipped tomitigate risksarising fromFintech

The state of being free from danger or threat https://en.oxforddictionaries.com/definition/security

SECURITY

InformationCommunication

Technology

• Cybersecurity• Communications

security• Computer

security• Internet security• Application

security• Data security• Information

security• Network security• Endpoint security

Physical

• Airport security• Corporate

security• Food security• Home security• Infrastructure

security• Personal security• Port security• Supply chain

security• Transportation

security

• Cybersecurity• Communications

security• Computer

security• Internet security• Application

security• Data security• Information

security• Network security• Endpoint security

• Airport security• Corporate

security• Food security• Home security• Infrastructure

security• Personal security• Port security• Supply chain

security• Transportation

security

Source: https://en.wikipedia.org/wiki/Security

The state of being free from danger or threat https://en.oxforddictionaries.com/definition/security

SECURITY

Political

• National security• Public security• Homeland

security• Internal security• International

security• Human security• Food Security

Monetary

• Economicsecurity/financial security

• Social security


• National security• Public security• Homeland

security• Internal security• International

security• Human security• Food Security

• Economicsecurity/financial security

• Social security

SECURITY CONCEPTS

Assurance • Level of guarantee that a security system willbehave as expected

Countermeasure • A way to stop a threat from triggering a riskevent

Defence in depth • Never rely on one single security measure alone

Risk • A possible event which could cause a loss

Threat • A method of triggering a risk event that isdangerous

Vulnerability • A weakness in a target that can potentially beexploited by a security threat

Exploit • A vulnerability that has been triggered by athreat - a risk of 1.0 (100%)

Source: https://en.wikipedia.org/wiki/Security

SECURITY CONCEPTS

• Level of guarantee that a security system willbehave as expected

• A way to stop a threat from triggering a riskevent

• Never rely on one single security measure alone

• A possible event which could cause a loss


• A method of triggering a risk event that isdangerous

• A weakness in a target that can potentially beexploited by a security threat

• A vulnerability that has been triggered by athreat - a risk of 1.0 (100%)

CYBERSPACE

Cyberspace is an environment that combinesCyberspace is an environment that combines• People, Processes & Technology

Cyberspace is not borderless:Cyberspace is not borderless:• Perceived as borderless because its borders are seamless to

the end user.• Every country has its own cyberspace which is defined by its

national infrastructure.Implications:Implications:Implications:Implications:

• Threat actors carry out their activities in an apparentlyseamless environment,

• Law Enforcement Operatives are constrained by issues ofjurisdiction.

Nigeria through the 2015 National Cybersecurity Policy & theNational Cybersecurity Strategy recognizes cyberspace as the5th domain of warfare after Land, Sea, Air & Outer-space.


CYBERSPACE

Cyberspace is an environment that combinesCyberspace is an environment that combines• People, Processes & Technology

Cyberspace is not borderless:• Perceived as borderless because its borders are seamless to

the end user.• Every country has its own cyberspace which is defined by its

national infrastructure.Implications:


Implications:• Threat actors carry out their activities in an apparently

seamless environment,• Law Enforcement Operatives are constrained by issues of

jurisdiction.



CYBER “THREAT” SPACE

Fueled by: Opportunity Interconnectedness Ignorance

#Weaponisationof #FakeNews and

#Hatespeech

Fueled by: Opportunity Interconnectedness Ignorance

CYBER “THREAT” SPACE


Cybersecurity Protection of assets against

risks within, & from, theelectronic environment

Risk Management An Economic Problem

CYBERSECURITY VS. CYBER-CRIME

Cyber-Crime Conduct prohibited by law, with

prescribed punishment, carried outusing digital systems likecomputers, electronic, ancillarydevices, processes and/ orprocedures




Cybersecurity Protection of assets against

risks within, & from, theelectronic environment

Risk Management An Economic Problem








ASSETS:FINTECH/

DISRUPTIVESTART-UP

Intellectual Property Confidence:

Investorand User

DataRevenues

DistributionChannel

FOLLOW/ PROTECT THE MONEY

ASSETS:FINTECH/

DISRUPTIVESTART-UP

HumanResources

CreativeEnergy

Element ofSurpriseFunding

Traction

Reputation

Confidence:Investorand User

Data

FOLLOW/ PROTECT THE MONEY

Knowledge isn’tpower until it is

appliedDale Carnegie

Disruption (4D’s) ofAsset ManagementIndustry: Digitalisation, De-risking, Disintermediation DemocratisationJR Lowry, EMEA head of State

Street Global Exchange


HumanResources

CreativeEnergy

Disruption (4D’s) ofAsset ManagementIndustry: Digitalisation, De-risking, Disintermediation DemocratisationJR Lowry, EMEA head of State

Street Global Exchange

CYBERSECURITY FRAMEWORK

Identify

Asset Management

BusinessEnvironment

Governance

Protect

Access Control

Awareness &Training

Data Security

Source: http://www.suretyit.com.au/it-services/cybersecuritystrategy/

Governance

Risk Assesment

Risk ManagementStrategy

Data Security

InformationProtection Processes

& Procedures

Mainentance

ProtectiveTechnology

CYBERSECURITY FRAMEWORK

Detect

Anomalies andEvents

SecurityContinuousMonitoring

DetectionProcesses

Respond & Recovery

Response &Recovery Planning

Communications

Analysis


DetectionProcesses Analysis

Mitigation

Improvement

CYBER RESILIENCE ACTION PLAN -- CHANGE BEGINS WITH ME

Organisational Readiness

Situational Awareness

Cyber Defence

Mitigation and Containment

“The ability of a system or a domain towithstand attacks or failures and in such

events to re-establish itself quickly”Nigel Inkster, USA International Institute of Strategic Studies

Source: Nigel Inkster, USA International Institute of Strategic Studies

CYBER RESILIENCE ACTION PLAN -- CHANGE BEGINS WITH ME

Organisational Readiness

Situational Awareness

Cyber Defence

Detection


Mitigation and Containment

Recovery“The ability of a system or a domain to

withstand attacks or failures and in suchevents to re-establish itself quickly”

Nigel Inkster, USA International Institute of Strategic Studies

CYBERSECURITY RESILIENCE MATURITY FRAMEWORKMaturity

DescriptorEmployment of

Security ControlsSecurity Tailored to

Mission

Level 5:Resilient

Augment CSCBased on Mission

MissionAssuranceFocused

Level 4:Dynamic

Augment CSCBased on Mission

Mission Focused

Level 3:Managed

CSC Integratedand

ContinuouslyMonitored

Partially MissionFocused

Ste

p 1

:C

riti

cal S

ecu

rity

Con

trol

s (C

SC

)

Ste

p 2

:A

dd

ress

So

ph

isti

cate

dA

ttac

ks

Source: John Gilligan, President and Chief Operating Officer at Schafer Corporation

Level 3:Managed

CSC Integratedand

ContinuouslyMonitored


Level 2:Performed

FoundationalCritical SecurityControls (CSC)Implemented

Mission Agnostic

Level 1: NoResilience

InconsistentDeployment of

Security Controls

None

Ste

p 1

:C

riti

cal S

ecu

rity

Con

trol

s (C

SC

)

Ste

p 2

:A

dd

ress

So

ph

isti

cate

dA

ttac

ks

CYBERSECURITY RESILIENCE MATURITY FRAMEWORKSecurity Tailored to

MissionParticipate inInformation

Sharing (Threat/Vulnerability)

Response to CyberThreats

Resilience to CyberAttacks

MissionAssuranceFocused

Real-timeResponse to

Inputs

AnticipateThreats

Operate throughSophisticated

Attacks

Mission Focused Real-timeResponse to

Inputs

Rapid Reactionto Threats

Able to Respondto Sophisticated

Attacks


Respond toInformation

Inputs

Respond toAttacks After the

Fact

ProtectionAgainst

UnsophisticatedAttacks

Ste

p 1

:C

riti

cal S

ecu

rity

Con

trol

s (C

SC

)

Ste

p 2

:A

dd

ress

So

ph

isti

cate

dA

ttac

ks

Abdul-Hakeem Ajijola (.AhA) [email protected]: John Gilligan, President and Chief Operating Officer at Schafer Corporation


Respond toInformation

Inputs


Fact

ProtectionAgainst


Mission Agnostic InconsistentResponse toInformation

Inputs


Fact

Some ProtectionAgainst


None No Response Susceptible toUnsophisticated

AttacksSte

p 1

:C

riti

cal S

ecu

rity

Con

trol

s (C

SC

)

Ste

p 2

:A

dd

ress

So

ph

isti

cate

dA

ttac

ks

CORE ORGANIZATIONAL STRATEGY

APPROACH

• Ensure your cyber security is as effective aspossible without compromising the usabilityof your systems.

• Ensure you have robust business continuityplans in place that cover your informationassets so that you can resume normaloperations as soon as possible if an attack issuccessful.

Source: UK Government Cyber Essentials Scheme https://www.itgovernance.co.uk/cyber-essentials-scheme

FollowInternationalStandards as

guides

• ISO27001: Implementation of an InformationSecurity Management System (ISMS);

• ISO22301: Implementation of a BusinessContinuity Management System (BCMS).

• ISO27031, Applies specifically to informationand communication technology businesscontinuity, and the requirements of ISO27001and ISO22301 are mutually compatible.

CORE ORGANIZATIONAL STRATEGY

• Ensure your cyber security is as effective aspossible without compromising the usabilityof your systems.

• Ensure you have robust business continuityplans in place that cover your informationassets so that you can resume normaloperations as soon as possible if an attack issuccessful.

Abdul-Hakeem Ajijola (.AhA) [email protected]: UK Government Cyber Essentials Scheme https://www.itgovernance.co.uk/cyber-essentials-scheme

• ISO27001: Implementation of an InformationSecurity Management System (ISMS);

• ISO22301: Implementation of a BusinessContinuity Management System (BCMS).

• ISO27031, Applies specifically to informationand communication technology businesscontinuity, and the requirements of ISO27001and ISO22301 are mutually compatible.

Appoint a SecurityEvangelist/ Czar.

Identify specificpersonal data

protectionobligations.

Embedsecurity in

your product.

Adopt securecoding

standards.

STEPS TO SECURING (CYBERSECURITY) FOR FINTECH/ DISRUPTIVE STARTUPS

Embedsecurity in

your product.

Adopt securecoding

standards.

Embedsecuritytesting.

Penetrationtest after

every majorchange.

Source: Edgar ter Danielyan, https://thefintechtimes.com/10-steps-cyber-security-fintech-startups/

Women in Cyber Security Africa Cyber Security Market $0.92

Billion in 2015 & $3.6 Billion by 2018 CS2 #HackBossNigeria 2017 Cybersecurity Solutions Industry

Have role-specificsecuritytraining.

What are thetop 10 ways to

attack you?

Check yoursecurityfeatures.

Know whichbugs matter to

you.

STEPS TO SECURING (CYBERSECURITY) FOR FINTECH/ DISRUPTIVE STARTUPS


Check yoursecurityfeatures.

Know whichbugs matter to

you.

Source: Edgar ter Danielyan, https://thefintechtimes.com/10-steps-cyber-security-fintech-startups/

Women in Cyber Security Africa Cyber Security Market $0.92

Billion in 2015 & $3.6 Billion by 2018 CS2 #HackBossNigeria 2017 Cybersecurity Solutions Industry

foryour

attention

Na’godeNa’gode,don

kulawa

[email protected]

O ṣeunO ṣeun,fun

akiyesi rẹ


NaNa--ekeleekelegịgị, n'ihi nagị na anya

[email protected]

by: abdul-hakeem ajijola - nigeria computer society...by: abdul-hakeem ajijola...

Documents