Segun Akano, the Founder and Managing Director of Upperlink Limited, is an exemplary entrepreneur. He is a Fellow of The Institute of Management Consultants (FIMC) and an alumnus of Stanford SEED University; a member of the Nigerian Computer Society (MNCS).
He holds an Honourary Doctorate Degree- D.Sc. Information Technology, Southwestern University. His enthusiasm for online businesses has transformed Upperlink from a modest beginning into an international company operating in five African countries and the United States. Akano's strategic foresight led Upperlink to become the first Nigerian company accredited by the Internet Corporation for Assigned Names and Numbers (ICANN) and the Pioneering Registrar of the Nigeria Internet Registration Association (NIRA).
Due to his dedication to e-payment, Upperlink obtained a license as a Payment Solution Service Provider (PSSP) from the Central Bank of Nigeria (CBN) in 2016.
In this interview with Benedicta Bassey, he shed more light on cybersecurity and the need for organisations to adapt to those cyber threats. Excerpt:
What inspired you to become a cybersecurity and software developer?
People. My passion for cybersecurity and software development stems from a deep-seated commitment to protecting users in an increasingly digital world. Witnessing the vulnerabilities users face daily ignited my desire to become a part of the solution.
Whether it's fortifying systems against cyber threats or developing policies enforcing privacy and security, I aim to empower users while protecting them from bad actors in cyberspace. All my actions are guided by the principle of enhancing user protection, driven by the knowledge that my work directly impacts their safety and security in the digital landscape.
How do you stay updated with the latest trends and advancements in software development?
I prioritize continuous education and engagement with reputable sources such as online discussion forums, industry publications, and conferences dedicated to cybersecurity and software development ethics. These sources give me insights into emerging technologies and offer discussions on ethical considerations, privacy concerns, and strategies for safeguarding users' data and digital experiences.
I also actively participate in professional networks and communities where ethical practices in software development are the primary focus. Engaging in discussions and collaborations with peers allows me to exchange ideas, learn from real-world case studies, and stay informed about regulatory updates shaping the ethical framework of software development.
Moreover, I constantly seek feedback from users themselves, fostering a user-centric approach that places their safety and privacy as primary of all development projects. By integrating user feedback and ethical considerations into every stage of the development lifecycle, I ensure that the software I contribute to not only embraces innovation but also upholds the highest standards of user protection and trust.
What advice would you give to aspiring software developers?
I always tell aspiring software developers to prioritize quality over speed and never to cut corners. In this fast-paced world of software development, it's easy to fall into the trap of rushing through tasks or sacrificing thoroughness for quick results. Taking shortcuts more often than not leads to technical debt, bugs, and ultimately, more time spent fixing problems further down the line. It’s always best to write clean, well-documented code, thoroughly test your software, and adhere to best practices and coding standards.
Doing this from the start will not only result in reliable and maintainable software but also save you time and headaches in the long run.
What role does user experience (UX) play in your development process?
I prioritize ease of use above all else, understanding that it's a major ingredient of a successful product. From the initial concept to the final implementation, I design every interaction with the user in mind, ensuring seamless navigation and intuitive functionality. Through user research, testing, and iteration, I refine my designs to eliminate friction points and enhance the overall user experience.
What is the importance of testing and debugging in software development?
These are crucial components in software development, especially concerning security and customer success. Firstly, thorough testing helps identify vulnerabilities and weaknesses in the software, ensuring that potential security flaws are detected and corrected before deployment. Moreover, debugging not only enhances the reliability and performance of the software but also ensures a seamless user experience, thereby promoting customer satisfaction and loyalty. By prioritizing a proactive testing culture throughout the development lifecycle, developers can deliver secure, high-quality software that meets the needs and expectations of their customers, ultimately driving business success.
How do you ensure the security of the software you develop?
This requires several key steps including risk assessment at the beginning of development, adhering to secure coding practices during development, implementing robust testing methodologies and regular security audits post-deployment.
What measures do you take to optimize the performance of your software?
Although implementing security measures in software development affects the performance of software, I strive to ensure software works optimally without sacrificing security. To ensure the software’s performance is optimized, I carry out activities including identifying performance bottlenecks and addressing them.
I focus on optimizing critical algorithms and implementing ideal data structures to enhance efficiency. Caching mechanisms are also employed to reduce redundant computations and minimize latency. All these techniques and more are implemented with security best practices in mind.
What are your thoughts on the future of software development, particularly with emerging technologies like AI and blockchain?
Artificial intelligence and blockchain are now a couple. Generative AI needs Blockchain to guard IP, mitigate cyber and regulatory risks and expand revenue streams.
Generative AI is the most impactful emerging technology that will increase workforce productivity and help early adopters gain a competitive advantage. The daunting question is - how can you protect your intellectual property (IP) and avoid the unwitting infringement of IP owned by others? This still gives AI Implementation a moderate - to high-risk endeavour.
AI and Blockchain, each a giant in its domain, are now converging to unleash numerous possibilities. AI enables machines to make decisions and support humans, while Blockchain provides a secure and transparent distributed ledger. Together, they are poised to revolutionize various industries and unlock new potential. The combination of AI and Blockchain is not just the sum of their strengths but rather a multiplication of their impacts. The seamless integration of AI in Blockchain is set to unleash a wave of innovation, reshaping problem-solving and decision-making approaches.
How do you balance creativity with technical constraints in your development work?
The watchword is Quality- Fit For Purpose.No matter how creative an idea is, it has to be built into a substance that is feasible, usable and durable. Naturally, when you are generating ideas, you do not worry about technical constraints but as you move on to work on the ideas, you meet obstacles, which sometimes does not mean the end of the road. One should view technical constraints as a catalyst for innovative problem-solving and creative growth. Collaboration and constant engagements with technical experts can bring solutions but having done all that, there may be a need to make informed decisions about which creative elements to prioritize and where to make compromises.
Could you discuss any ethical considerations you take into account when developing software?
Personally for me, ethical considerations, particularly concerning data protection, are paramount. User consent and transparency regarding data collection, ensuring that users are fully informed about what data is being collected, how it is being used, and who has access to it should never be overlooked and underplayed. Additionally, implementing robust security measures, such as encryption and access controls, to safeguard sensitive user data from unauthorized access or breaches is key.
We work closely with the Nigeria Data Protection Commission to ensure we follow the stringent rules needed to protect our esteemed users and provide invaluable contributions to the commission ensuring all affected parties receive the utmost level of security.
Please share tips for aspiring software developers on building a successful career in the field.
1. Master the fundamentals of the technologies you work with.
2. Build personal projects, expand on them and thoroughly document each step of development.
3. Stay updated with trends and changes in your area and areas that affect your field.
4. Embrace continuous learning and development.
5. Enhance your problem-solving skills.
6. Learn how to communicate effectively with peers and other stakeholders.
7. Build your network. Connect with people in your field and others who aren’t in your field but are involved in your practice.
8. Seek feedback and consume the said feedback with an open mind.
9. Stay persistent and resilient no matter how hard things become.
10. Celebrate the small victories, and learn from your failures.
How do you approach cybersecurity risk assessment and management?
1. Identify organizational assets to identify what needs protection.
2. Identify the possible threats and vulnerabilities that could affect these identified assets.
3. Carry out a Risk Analysis to understand the likelihood and impact of these threats and vulnerabilities.
4. Prioritize risks based on the likelihood and severity of the identified risks.
5. Develop and implement mitigation strategies to reduce or eliminate the identified risks using controls, policies and incident response plans.
6. Monitor and review implemented risk management resources to ensure their effectiveness.
7. Ensure compliance with relevant regulations, industry standards and best practices.
8. Carry out training and awareness for staff and stakeholders alike.
9. Carry out continuous improvement activities to keep up with the evolving landscape and to measure the effectiveness of security implementation.
What do you see as the biggest challenges facing cybersecurity professionals in the coming years?
1. The evolution and sophistication of cyber threats and the inability of professionals to keep up with the trends due to factors such as poverty, poor governance, lack of training, and lack of infrastructure.
2. The ever-widening cybersecurity skill gap in the workforce.
3. Insider threats which are much harder to detect and stop than external threats.
4. The proliferation of IoT devices will open up attack surfaces and provide more entry points for hackers.
5. Migration into Cloud Services- a lot of businesses have observed that there is inherent cost reduction when they move their data from on-premise to the cloud.
6. Geopolitical tensions and nation-state attacks- we are already witnessing this, how one country will plan cyberwarfare against another country.
What will you recommend to the Federal Government on cybersecurity solutions?
There have been concerted efforts among the relevant authorities in Nigeria that give sufficient attention to Cybersecurity.
The CBN, ONSA and the NA are at the vanguard of this crusade.
For instance, The Central Bank has an expansive Risk-based Cybersecurity Framework and Guidelines for other Financial Institutions (OFIs). This is a result of an increase in the level of sophistication of cybersecurity threats against financial institutions, especially their financial Institutions (OFIs).
The recommended Risk-Based Cybersecurity Framework and Guidelines for OFIs represent the minimum requirements to be put in place by all OFIs.
The Nigerian Army even has gone to the level of establishing a Cyber Warfare Command headed by a Major-General. We can talk of the efforts and contributions of NIRA, NITDA and NCC among others, so we are giving necessary attention to the subject at the National level. My advice is that collaboration among stakeholders be strengthened to ensure continuous improvements in cybersecurity governance.
How would you rate the Fintech industry growth in Nigeria?
It has been an amazing phenomenon, we have had growth in the value and volumes of payment transactions across channels. As far back as 2021, Nigeria has been ranked among the Top 10 countries with the highest volume of real-time payment transactions. This has been made possible by the exploits of our Fintechs in addition to what the traditional Banks are doing.
Despite the harsh economic environment in Nigeria over the years, Upperlink has been able to maintain steady growth and integrity since its inception, what are your success tips?
Focus and Discipline. We are blessed with shareholders who nurture a common vision for the business, then we have a resilient Management team, our staff are also creative and customer-friendly, and we constantly update our knowledge of what competition is doing and how the payment ecosystem keeps evolving.
Our Products are built with user input and feedback is appreciated for newer versions. Notwithstanding all these efforts, God has commanded His blessings on Upperlink, as you can read in Psalm 135:4, we are His special treasure, and that is why there have been profits from our years of Labour.
When I say Profits, I am not talking about money alone, there are many indices of gains, for instance, in our training division, we have about 40 undergraduates, graduates and post NYSC learning different languages of coding, talented brains who aim to be full stack developers as soon as possible.
We train them for about one year or two and release them to the enterprise market to make impacts in different sectors across the globe. Empowering the next generation! gives me a lot of joy among other things.