Flour Mills of Nigeria PLC, a leader in Fast-moving consumer goods (FMCG) recently passed the PECB ISO 27001certification audit for its Information Technology (IT) and cybersecurity framework and policies. This certification has placed Flour Mills of Nigeria PLC as the foremost Nigerian firm in the FMCG sector to be presented with such a certification. ISO 27001(Information Security Management System) is the most recognized international standard for information security management for any organization globally. It provides clear processes for effective implementation and continuous mitigation of data/security breaches for any organization. This certification has placed Flour Mills of Nigeria PLC as an organization that is in line with the global best practices when it has to do with cybersecurity and data breaches.
The PECB ISO 27001 Certification was facilitated by Nigeria’s cybersecurity firms, Kecam Technologies Limited and DataSixth CyberSecurity Limited. These firms in line with an internationally recognized audit firm conducted a series of interviews, ensured that the right implementation was in place, and also guided the organization to achieve the PECB ISO/27001 certification.
On the importance of the certification to Flour Mills of Nigeria PLC, Omoboyede Olusanya, Group Managing Director / CEO said “We appreciate this certificate and the credit should go to the team that ensured that this happened. This is a document that shows that we have done something and that we are very particular in the areas of cybersecurity. We are desirous to build a world-class organization. It is a process and it is an ingrained process, there is a continuous stride that we have here. We will keep improving.”
Speaking to the media, Serge Yao, the Group Head of Information Technology (IT) at Flour Mills of Nigeria PLC said, “This certification brings reassurance to business’s cybersecurity posture. It proves that we have well-defined system to handle cyber-attacks and cybersecurity. This certification testifies that FMN take seriously the confidentiality of information asset and IT risks are controlled. (Financial loss and damage to reputation are mitigated). We started our cybersecurity program fourteen months ago; the whole organization was engaged, and I want to thank FMN leadership team for the continuous support. It has been a transformational journey for all our employees toward cybersecurity; weak areas were exposed and rectified. Globally targets for cyber-attacks have shifted toward manufacturing firms; so, we must mitigate IT risks and potential damage. We are the first indigenous FMCG to be certified and many more will follow for sure. This is a beginning, and we will continue to follow the best practices and ensure that we have our recertification next year. “
On the importance of certification, Bonny Mekwunye, the Chief Executive Officer of, Kecam Technologies Limited, an indigenous Cybersecurity company in Nigeria said “About 10.5 trillion dollars will be the cost of cybercrime by the year 2025, what does this mean, it is basically that many organizations will be exposed to cyber-attack, it is important that organizations must start thinking how to build their cyber security framework such as people, processes and technology. This is where ISO certification comes in. This is a globally recognized body that is designed for organizations that are desirous and serious to look into their cyber security processes. Flour Mills Nigeria PLC has seen the relevance to protect their digital infrastructure and we were invited to provide a consulting service with our other partner which is DataSixth CyberSecurity Limited. This certification means that they are globally recognized in the area of data security just like other big firms in the world. “
The country manager of DataSixth CyberSecurity Limited, Happiness Obioha said “This certification is all about data security for the organization and the need to have a round the clock continuous protection. This is a bold step for Flour Mills of Nigeria PLC. There is cyber resilience and they are sure that their critical infrastructure is protected. This certification demonstrates that the organization is equal to task in the area of cybersecurity and it shows that they are digitally inclined. This certification will build a lot of moral, trust and confidence for the organization and their stakeholders.”
The ISO 27001 is a globally acceptable certification for organizations that are desirous of strengthening the IT and cybersecurity frameworks. It uses a top down, risk-based approach and most time it is technology-neutral. The approach mostly is in six phases such as the organization’s security policy, the scope of their Information Security Management System, risk assessment, how they manage identified risks, how objectives and controls are implemented and statement of applicability.