Eyitemi Egbejule(@eeyitemi) is a Cybersecurity Researcher/Engineer, a Python Software Foundation Fellow & individual member of the Django Software Foundation. He also supports various learning initiatives including #CodeLikeAGirl #DjangoGirls & other #GirlChild education and has been involved in building tech and security communities across Africa. We had a chat with him on the growth of his niche in the Nigerian technology ecosystem.
Cybersecurity is not a popular niche in the Nigerian tech ecosystem, why did you choose it?
I wanted to be the standout guy, the outlier. Well, everyone was focusing on building software, I wanted to be the one breaking into it, identifying security flaws and helping to fix these flaws. I had initially started out as a programmer in 2007/8. I was writing C++/C# till somewhat around 2012 and got bored. I needed more challenges. Cybersecurity provided me with ample challenges to last a lifetime.
What has the experience been like working as a cybersecurity engineer in the country?
Pretty challenging and super exciting at the same time. Organisations a just getting to fully understand the importance of having a security engineer on their teams, and to actively focus on securing their products. You get to wear on many hats, today you do a little on product security, and tomorrow, it’s infrastructure security. A little on risk, governance and compliance (GRC) this week or Privacy and Internet Safety. As a security engineer in Nigeria, you are expected to know about Web & Mobile app security, know how to code, understand Digital Forensics and Incidence Response, do network security exceptionally and be a rock star pentester. The great thing about this though is that you get to build capacity. You grow a wide knowledge base across cybersecurity and also become an in-depth domain expert too.
As internet penetration grows in the country, do you think technology platforms and digital solutions are doing enough to be secure online?
Well, most people are right now focused on building platforms and solutions to reach out to their target audience and customers. In the midst of these, we still see products and platforms who are investing in security actively. There’s still more to be done, but things are not as bad as they used to be.
Can you share some activities that make us vulnerable online and ways to tackle them?
Top of my head, I would say most people are over trusting, and click on links even without knowing what/where they lead to. You never can tell if the link downloads a malicious file to your phone or computer or a phishing site that asks for your credentials. Treat all links as a suspect. Most especially shortened links. Also, the habit of using the same passwords across multiple platforms puts you at risk. If one account gets compromised, the others fall like dominoes.
Ransomware has been a major hit for hackers in recent times, can you share some tips on how we can protect ourselves and our devices?
DO NOT download cracked software, be careful of links. verify that you know the sender of an email before even thinking of clicking on links or downloading attachments. Be wary of Whatsapp messages that say “I won x amount of airtime via this link .. click to win yours too”.
To provide some form of security against ransomware for yourself, invest in a good antivirus for your computers and mobile devices too. They are relatively inexpensive and affordable
When it comes to cybersecurity in the country, what roles do you think the country and other relevant stakeholders should be playing to help us achieve a safer internet?
I’ll just say they should allow for more Public/Private Partnerships. More stakeholders are getting involved in the business of making our internet safer. Organisations like Paradigm Initiative have been on the forefront for years now. And there’s NaijaSecForce, a community of cybersecurity professionals who have been organising meetups, conferences like the Nigeria Cybersecurity Conference and other events to preach security awareness and ways to secure your information on the internet. Other organisations should provide support to those already doing this work, or can join in, on this safer internet movement.