In August 2023, Anonymous Sudan took X (formerly Twitter) offline in more than ten countries in an attempt to force a Starlink launch in Sudan. While the launch hasn’t happened, the group, which has been accused of having Russian ties, has been busy.
According to the International Telecommunication Union, 5.3 billion people — roughly 66% of the global population — were using the Internet in 2022. Events like the coronavirus pandemic and the increasing affordability of smartphones have accelerated digital transformation globally, with many accessing banking, healthcare, and communication services through the Internet. One side effect has been the tremendous growth of digital businesses, but another has been the rise of cybersecurity attacks.
Some of the most common forms of cyber crime include business email compromise, phishing, cyber extortion, ransomware, and crimeware-as-a-service. Just like these attacks or their potential cause a loss of economic gains, they also provide an opportunity for companies that provide cybersecurity services. Revenue in Africa’s cybersecurity space is expected to exceed $2 billion, with companies like Cybervergent (formerly Infoprive) positioned to benefit massively.
While Omotosho’s journey to building Cybervergent began in 2003 when he deployed base stations for a telecoms service provider in Nigeria, he notes that earlier experiences from his childhood also influenced his career path.
“There's the subtle influence from earlier in my life. I'm an ex-boy of the Nigerian Military School (NMS), Zaria and I think that kind of shaped my mind into protecting stuff, security, [and] intelligence. So that bias, I think, has always been there.”
Beyond this, he was exposed to computers at an early age courtesy of his father’s job at the Federal University of Akure, while a dislike for blood ruled out medicine and surgery as a potential course of study.
A year into his role at the telecommunications company, he wanted a different experience and decided to get a Cisco Certified Network Associate certification. Over the next year, he spent most of his time studying for the exams. In 2004, after asking a friend to help him talk to an Interswitch employee about getting a job at the company, he got an interview, and subsequently, a three-month contract.
Although his contract was to end after three months, he stayed for longer; within 18 months, the head of IT infrastructure resigned paving the way for him to become the head of department.
The birth of Cybervergent
In his first month at Interswitch, the company needed to put a new product on the Internet and Omotosho was tasked with the responsibility, but less than 30 minutes after the website went live, it was hacked.
“That got me into how to protect websites. I started looking at firewalls and that led me into the journey of cyber security. Over the years, I had increasing responsibility. I started out building the cyber security team in Interswitch at the time and led a couple of initiatives.”
In addition to leading the fintech’s cybersecurity team, he led the team that helped it gain the Payment Card Industry Data Security Standard (PCI DSS) certification.
During his time at Interswitch, he discovered that some of the security procedures the company ran were implemented by foreigners, but it was not unique to the company. Other businesses that needed cybersecurity services had a similar practice.
At the same time, he was searching for a new challenge after nine years at Interswitch and felt he could fill that gap. He shared the thought with his team at Interswitch, who helped come up with the name, Infoprive.
After spending some months refining the services the new company was going to offer, he resigned from his role at Interswitch in April 2012, and officially started Cybervergent at his wife's insistence after a month's break.
Ironically, despite leaving to focus on security, when he tried to land cybersecurity gigs, many banks wanted his help becoming PCI DSS certified. One of those clients was Wema Bank, and Infoprive ended up helping it get its certification in 2013. As a result, much of the first six months were spent working as a consultant for companies in Nigeria and reselling security solutions.
However, that didn’t last long. While running through the content of Business in a Box, he decided to complete an exercise on business planning even though he was sceptical about business plans. By the time he was done, there was a clear picture of Cybervergent’s next ten years.
Today, the firm has served clients on three continents and has a staff strength of more than 60 primarily located in Nigeria.
Cybervergent business divisions
This October, the 11-year-old company unveiled a new brand identity, changing its name and unveiling new services. Here’s how Omotosho explains the change.
“Cybervergent represents not just a name change; it embodies the convergence of cutting-edge technology, visionary leadership, and our resolute commitment to safeguarding businesses in the digital age on the continent, starting from Nigeria, Africa's largest economy.”
Cybervergent to develop a platform that helps organisations automate cybersecurity privacy and compliance simply without hassle, leveraging artificial intelligence and machine learning to ensure digital trust in the ecosystem.
Cybervergent also has cybersecurity solutions that are designed to provide businesses with simple, scalable and comprehensive guidance, allowing an enterprise to safeguard critical systems and networks from cyber threats and disruptions, which include assurance, cyber operation centre cyber offensive, security engineering, digital forensics and compliance solutions.
Its revenue model includes annual subscriptions, one-off payments for specific services, and retainers. It also resells cybersecurity products and develops in-house solutions for which clients pay a licensing fee. Its client roster boasts of organisations in Cameroon, Ghana, Sierra Leone, Gambia, Kenya, and the Middle East, while 98% of its employees are located in Nigeria.
Cybervergent has not raised external investment since it was founded, choosing to bootstrap until it was known for providing great services. Omotosho adds that he considered raising capital a distraction as it would mean pursuing growth metrics that may not be helpful for the business’ long-term survival.
“We wanted to bootstrap to a certain point because if you raise money, you must have a use for it. The most important thing was actually building a solid foundation before we think of scaling rapidly. Maybe then we can start considering raising funds,” he notes.
Challenges and lessons from building a startup in Nigeria
Few, if any entrepreneurs start their business thinking it would fail. For the most part, there’s an expectation of success, but seeing as most businesses fail within the first five years, that is not always the case.
Omotosho’s first disappointment came when people who had encouraged him and even promised to patronise his new business bailed on him.
“I remember there were four particular people in four particular institutions I talked to, and all of them said, ‘Sorry, we need you to get a few credible clients before you can come back to us.’”
The second challenge is one every entrepreneur is familiar with — capital. After landing a contract with a commercial bank to install cybersecurity solutions, the bank stated it would only pay when the project was completed. Like many first-time entrepreneurs, he didn’t have enough money (around ₦15 million) to carry it out, so he tried getting a bank loan.
When that didn’t work out, he returned to the bank that gave the contract and asked for help. Fortunately, he was offered the opportunity to break the project into milestones, providing the company with enough funds for each step. While he was disappointed by not getting the loan, he points out that it taught him a lesson in structuring payments.
As pointed out earlier, despite starting Cybervergent as a cybersecurity company, most of the business that came its way was far removed from cybersecurity. When it finally got cybersecurity jobs, it struggled to land contracts above ₦15 million for nearly two years until someone he had worked with while at Interswitch recommended him for a network monitoring gig at a bank. The pay was three times what the company earned for its cybersecurity gigs and despite some initial reluctance, he accepted it, enabling the team to hire more employees.
Thanks to huge fundraises announced by startups, it has become fashionable to become an entrepreneur or a startup founder, if you wish. But not many entrepreneurs are prepared for the challenges that come as a result. Omotosho’s first tip for entrepreneurs is to go hard on customer acquisition.
“Go after customers, just get customers. Whether your product is MVP, whatever funky term we want to call it, when you start your business or are selling a service or a product, just go after customers and iterate based on what they say. They will always help you find your path, so to speak.
He also points out that entrepreneurs separate company resources from personal resources, adding that founders should place an emphasis on hiring the best people for the startup. “I see a lot of people who believe, ‘Oh, it's a company. I started the company. I founded the company, so it's my money.’ It's not your money. A company has a life of itself. It's a different entity, so always separate that,” he notes.