Cyberextortion continues to be a threat in sub-Saharan Africa. There are data leakages, targeted attacks in top 2 positions, and growing investment in connectivity and IoT.
The June 2022 report by IDC and KnowBe4 on Cyberextortion in Africa has revealed a complex cybercrime landscape within sub-Saharan Africa. Data leakages, insider threats and targeted attacks continue to negatively impact business security in the region. Budget constraints are making these threats worse. Nearly 60% SSA organisations have plans to increase connectivity or IoT use cases in the next 12 months. Along with the digital benefits, increasing investments in cloud, IoT, connectivity and digital solutions increases the risk.
The volume of threats facing organisations in Africa has grown exponentially over the past few years and there is a clearly visible linear relationship between the continent’s gross domestic product (GDP) and cybercrime – as one increases, so does the other, yet only about a third (17) of Africa’s 54 countries have completed a national cybersecurity strategy. This makes the threat landscape more complex and puts organisations at greater danger.
In 2022, the top threats to organisations in SSA are data leakage (61%), insider threat (43%), targeted attacks using phishing (37%), cloud-related attacks (34%), and ransomware attacks (30%). The top five global threats include business email compromise, cloud misconfigurations and software supply chain attacks. Social engineering attacks and phishing are still the most prevalent type of cybercrime. They are constantly evolving in terms both of their success rates and techniques. These challenges are influencing organisations’ security strategy. 43% of them focus on cloud migration security, 40% on secure access for distributed workers, and 36% on customer trust in digital services.
The report shows that 56% of SSA organisations are in the first two stages data security maturity. This means that many organisations are still struggling to find security footing in this changing landscape. Cybersecurity threats are much like trying to find balance during an earthquake. This is due to a lack of skills, budgets, and increased regulatory complexity.
“Chief Information Security Officers (CISOs) are struggling to find competent staff that can handle the security alerts they receive while also keeping up with data protection regulations, and building networks capable of withstanding the cyberthreats,” says Anna Collard SVP Content Strategy & Evangelist at KnowBe4 Africa. “In addition, one out of every three companies believes that there is insufficient integration between security and IT teams with 30% saying that hiring and retaining security skills is a challenge.”
Cyberextortion is a lucrative business. And cybercriminals don’t expect much retaliation from African states. It is very unlikely that it will stop, and is likely to increase in Africa. This means that organisations must focus on security strategies and investments that will allow them to fight this threat with more agility, resilience, and support. This includes prioritising a defense in depth model with cloud security, privacy and compliance, choosing the right security service provider and creating a security culture among employees and decision makers.
You can download the full report here [https://bit.ly/3z5R83A].
Distributed by APO Group, KnowBe4.
APO issued this Press Release. The content has not been reviewed by African Business. The content of this announcement is solely at the issuer’s responsibility.
Source: african.business
