Cybersecurity: Dr Okereafor Calls For Urgent Digital Identity & Citizenship

Owing to the pace of development in the cyber world as well the attendant need for up to date cybersecurity, the Assistant General Manager, Network Security and Communications, Department of ICT, National Health Insurance Scheme (NHIS), Abuja, Dr. Kenneth U. Okereafor has declared that there is an urgent need for digital identity and citizenship.

Dr. Kenneth said this during a paper presentation at the just-concluded Nigeria Legislative-Stakeholder conference On ICT and cybersecurity held at the NAF Conference Center, Kado, Abuja.

The conference tagged “Cybersecurity: The Implications of Disruptive Technologies on National Security and Economy”, was organised by the Nigerian Senate in conjunction with some experts.

In his presentation titled “Digital Identity And Citizenship – Who, What, Why, When, Where and How?”, Dr. Kenneth identified key areas where Personally Identifiable Information (PII) are inevitable.

Some cited citizenship data examples are:

• Biodata: Surname, Phone No, DoB, etc.
• Driver’s License Number
• Passport Number
• National Identification Number (NIN)
• Bank Verification Number (BVN)
• Tax Identification Number (TIN)
• Voter Registration Number, et al.

The presentation classified sensitivity impact upon data loss or breach as:

• Restricted or Confidential — sensitivity as “High” — impact as “Catastrophic or scandalous”, “Fatal or damaging”, “Financial or legal risk”
• Sensitive — sensitivity as “Medium” — impact as “Less severe if lost”, “Marginal impact”, “Easy recovery from effect of loss”
• Unrestricted or Public — sensitivity as “Low” — impact as “With little/minimal impact if lost, modified or miscommunicated, “Of general knowledge”, “Non-critical to corporate operations and national security, “Mostly of deliberate public knowledge.

In the introduction, he explained that Digital identity involves use of PersonallyIdentifiable Information (PII) whose:

• Improper use of PII can impact National security
• Misidentification of citizens’ digital identity can ignite huge economic consequences
• Authentic identification of citizens is required to improve regulated access to civic resources, and so on.

In his recommendations, he emphasised that regular security training and drills are essential to protecting digital identities.

He also stressed need to engage data security experts to conduct periodic review of security compliance including vulnerability assessment and proneness to social engineering.

He then sought the need to expand the responsibilities of expert groups to include periodic review of evolving global legislations that concern digital identities for possible customization.

Dr. Okereafor explained that digital identities are majorly composed of Personally Identifiable Information (PII), hence require highest degree of privacy protection guiding their use.

He reminded that the impacts of digital misidentification and wrongful disclosure of PII can be grave.

He warned that everyone who uses the internet or online resources has a digital footprint, hence, authenticating citizens electronically should serve as the hallmark of digital identities.

He, therefore, tasked digital identities to be properly collated, ethically accessed, adequately secured and correctly used.

Dr. Kenneth Okereafor has double Ph.D. on Cybersecurity and IT Management.

Other qualifications are MSc, Network Security, BSc, Computer Information System, PGD, Computer Science, HND distinction, Electrical & Electronics Engineering, Security+, PRINCE2, COBIT5, NSA, MCP, etc.

He is a Certified Cybersecurity Expert, 20+ years’ corporate ICT management experience, Proficient Corporate IT risk manager, Private, public, industry, R&D, academia,

He undertook studies in countries as Italy, Switzerland, Germany and United States.

National ICT assignments include National Identity Management and Harmonization Committee membership, design of National eHealth Strategic Framework 2015 – 2020, Development of network security standards and guidelines with the National Information Technology Development Agency (NITDA).

He is member of professional bodies as Nigeria Computer Society (NCS), Computer Professionals Registration Council of Nigeria (CPN), Cybersecurity Experts Association of Nigeria (CSEAN), Information Technology Systems Security Professionals (ITSSP), etc.

Download the full presentation here.