Words by- Josephine Agbonkhese
An API (application programming interface) Security Specialist, talent developer, global speaker and gender inclusion advocate, Confidence Staveley is one of Africa’s most-celebrated cybersecurity experts.
The Founder/Executive Director of CyberSafe Foundation, a leading non-governmental organisation dedicated to improving inclusive and safe digital access in Africa, her achievements and contributions to the cybersecurity industry have earned her both local and international recognitions.
Among them are the International Information System Security Certification Consortium (ISC2) Global Achievement Award, Cybersecurity Woman of the World (2023), Cybersecurity Woman of the Year Award (2021 and 2022), International Security Journal 2023 Influencer, Top Cyber News 40 under 40 in Cybersecurity, LinkedIn Top Voice for Gender Inclusion and Top 50 Women in Cybersecurity Africa.
An official member of the Forbes Technology Council, Staveley holds a first-class degree in Information Technology & Business Information Systems from the University of Middlesex; a Master’s in Information Technology Management from the University of Bradford, and an Advanced Diploma in Software Engineering.
She is also the host of a YouTube series, API Kitchen, which uses food as a central point analogy in teaching API security best practices.
Staveley, popularly referred to as ‘The Relatable Cybersecurity Leader’, opens up to Allure on her work, the menace of cyber crime, style, childhood, as well as her plan to open up the tech space to more girls.
Congratulations on your recent emergence as Winner of the Cybersecurity Woman of the World Award recently held in Scotland; what does this mean to you?
I am very grateful and thankful for this award; it was truly a surprise to me.
I had made it to become a finalist in the United Cybersecurity Alliance Woman of the World Awards, alongside very prominent women from across the world, who are also making massive changes in cybersecurity and technology generally in their different countries and continents. I honestly was not expecting to win. I only went for the event in Scotland to receive a letter of honour from the Royal Marines for being a finalist and to also be part of a global sisterhood of very experienced and talented women. I literally cried when announced as winner.
I was presented the award by the FBI Deputy Director of Cyber. This honour taught me that excellence is such a big light; that is, you can be in one part of the world doing your work and be celebrated in a standing ovation in a huge hall filled with people, way far away from home. Just by excellence and passion!
Receiving this award is a reminder to do more; and even better. I see myself now as a walking showcase for what is possible for women and young people across the world.
How did a soft-looking beauty like you end up a cybersecurity professional?
I got into this field by happenstance. I, first and foremost, had bought the dream of my parents to become a medical doctor because they felt I was good in the sciences. So, that was my goal until my parents asked me to take a gap year before entering university. To keep me busy while at that, I was registered in a computer school where I learnt the basics of computer and eventually, programming and coding. I gained admission to study Medicine in the north of Nigeria but at that time, I had gone deeper into programming and coding. It dawned on me that, that was the way to go. I convinced my parents by making a presentation to them about tech being the future, using a cardboard paper since I did not have a computer at the time. Luckily, they listened and allowed me to turn down that admission. I was able to then pursue an advanced Diploma in Software Engineering. After that, I got a scholarship from the Cross-River State Government for my BSc and then another for my Master’s after graduating with a first-class. It was during my Master’s that I got my first brush with cybersecurity, through an elective called Cryptography—which is the science behind encryption.
Companies, governments and private individuals are increasingly suffering costly data-security breaches; why is this so easy for cyber criminals?
Modern systems are increasingly complex, you know; one part is serving the other within an organisation and outside. So, that intertwining and vast array of devices and applications (all of them needing to be protected), is a key thing that provides many points of entry for cybercriminals. The important thing to note is that cybercriminals would attack wherever they find loopholes.
Cyber attackers are beginning to employ very advanced techniques, including AI and machine learning, to enhance their capabilities to attack information systems. This increase in the sophistication and frequency of attacks, is making them really harder to detect and prevent. I am not saying it is impossible, but a key thing to note is that, there is no completely secure systems. So, what we generally will look at is the resilience of your system. How can it quickly bounce back and recover from any attack? How can we quickly detect that your system is being attacked? How do you make it a lot more difficult for cyber criminals to successfully attack and cart away data, and make sensible use of that data?
There is also the human side of things, including the issue of insider threats. Sometimes, the ignorance of employees can put an organisation’s information system at risk. Employees can willingly and knowingly provide an opportunity for cybercriminals to attack the organisation. There is also deception (phishing) by cyber criminals to trick individuals into revealing sensitive information which can then lead to unauthorised access. Another key thing to look at in the human factor aspect is poor security hygiene. Many individuals and organisations fail to adhere to basic cybersecurity practices such as regularly updating, using strong passwords, using the same password on multiple applications, not turning on two-factor authentication, etc. All of these are leaving people and organisations vulnerable. I know of businesses that have lost billions of dollars just because there was no two-factor authentication turned-on on a major person’s email (maybe the CEO or CFO).
Among a myriad of other factors including the shortage of cyber security professionals, there is another major factor which is state-sponsored attacks; whereby cyber attacks are sponsored by governments across the world just to steal money to run their economies. These are key factors driving how frequently these attacks are happening.
How do people attract cyber criminals to their digital space?
Just being online or using digital technology, generally speaking, puts you at risk of cyber criminals.
For individuals, I would say avoid over-sharing and do not share personal or sensitive information on social media platforms. Ensure you have strong passwords; I would highly recommend using a password manager so you do not get to use one password on multiple platforms. Turn-on two-factor authentication. Avoid downloading unverified softwares or applications. Do not click on links in emails you were not expecting. Never use unsecured networks. Be careful about connecting with free WIFIs in public places. For organisations, the lack of employee training, like I mentioned earlier, puts you at risk. Also, the use of outdated systems and softwares (failing to regularly update systems and softwares), is a risk factor.
Tell us about the Cybersafe Foundation and its brainchild, Cybergirls…
The CyberSafe Foundation is one of Africa’s leading non-profits that is focused on digital developments; facilitating safe and inclusive access to digital across the continent. Our main focus is underserved populations and organisations within our ecosystem. We have various programmes but one which is very close to my heart is the Cybergirls Initiative.
Through the Cybergirls Initiative, we are upskilling women across Africa to be able to defend the digital world. Typically, these are women between the ages of 18-28. I have seen quite a lot happen as a result of this programme. Currently, women make up only nine percent of the cyber workforce in Africa even though they constitute 50 percent of the world’s population. That’s really abysmal.
So, we are breaking down the access barriers, from mentorship to training, job opportunities, equipping, and more. We do this through a seven-month intensive cybersecurity training.
This programme started in six states in Nigeria but has today expanded to six more African countries, including South Africa, Kenya, Rwanda and Ghana.
What was growing up like for you and in what city did you grow up?
Growing up was very interesting. My father was a very loving man and I practically felt like I could do anything because of him. I had a very hardworking mother as well. I grew up in a family that I could describe as wealthy; not wealthy in terms of money but in terms of values and a deliberate parenting style which was intentional about the quality of children that were being raised. I grew up in the city of Calabar.
How did your childhood prepare you for this line of work?
I think my childhood built in me a sense of belief in myself. The ruggedness by which I was raised also contributed; I was not over-protected but was protected to a level. My childhood really toughened me. I saw poverty on levels that are very interesting. I cry when I remember some of them sometimes. The experiences, however, built in me resourcefulness and prepared me for facing challenges, head on. It also made me a good problem-solver.
What do you love doing when not working?
I love reading books and playing with my son. Also, I love spending quality time with my family; maybe seeing a movie or going out to eat. I love to explore foods in different restaurants. I particularly like Asian foods.
Describe your style?
My style is becoming more colourless and neutral. I like whites, blacks and skin tone colours. I lean towards minimalism in my colours; but a bit more elegant. I seldom wear patterns; I prefer clean lines and shapes. Just say constructive elegance.
Whose style would you love to steal and why?
Genevieve Nnaji’s style. I particularly like her style because it is ageless, classy, simple and sophisticated.
Take us through your daily beauty routine in a few words…
I do not do too much on a daily basis except I have speaking engagements or major outings. Otherwise, I just go through my very simple beauty routine which is: have my bath and wash my face, use a cleanser and apply a serum, moisturise, and then wear a sunscreen. Outside of my face, I only moisturise; nothing complicated.
What’s your most-cherished accessory?
I would definitely say my smile even though it is not a bought item. I really like to smile and light up other people with my smile because I know that no matter how well-dressed I am, that whole look is not complete without that smile.
Your preferred holiday destination?
I do not have a preferred holiday destination. When I have gone to a place, I am not likely to go there again, except for work.
My favourite continent to holiday in will definitely be Asia because I have had my best experiences holidaying in that continent.