The ability to protect the data of partners and clients is today one of the fundamentals behind every business decision. Today’s fluid financial markets provide a plethora of access points for malicious actors to penetrate systems and acquire data. These have to be protected.
A system is only as strong as its weakest point. Therefore, as communication and financial networks become globalised, impregnable cybersecurity is becoming a prerequisite for investment in any territory.
However, cybersecurity on the African continent remains challenging and many companies are unprepared for cyber attacks.
In addition, only a handful of countries have laws in place to protect consumers and businesses. The Global Cybersecurity Index (2021) shows that of 54 African countries assessed, only 29 have introduced cybersecurity legislation.
African organizations are not giving cybersecurity the priority it deserves and this inadequate security is directly affecting business for enterprises, as well as countries.
According to Techcabal, Africa is losing $4 billion annually to cybercrime. However, cybercrime hurts companies beyond their financials, leading to data loss, theft of intellectual property and financial and/or personal information, and damage to brand and reputation.
Africa’s poor cybersecurity also means the region is now targeted by cybercriminals as the “soft underbelly” of global business networks. In Africa, many countries have seen a rise in digital threats and malicious cyber activities.
Ironically, Africa’s rapid technological evolution makes the region an attractive target for cybercriminals. This is slowly changing, though, with countries such as Kenya and Zambia implementing new cybersecurity laws.
New anti-piracy legislation is helping to build confidence in Africa as a business destination with the ability to limit – and hopefully eventually eliminate – copyright theft.
US companies are investing heavily in Kenya, following amendments to the latter country’s Copyright Act to block infringing domains on internet service provider networks.
Real actions are also being taken to tackle piracy. The Kenya High Court recently ordered internet service providers (ISPs) in the country to permanently block sports websites infringing on copyrighted material.
This pivotal decision follows a lawsuit that sought to compel the ISPs to block live sports streaming sites on their networks.
However, the region remains a major battlefield in the global cybersecurity wars. Irdeto, which provides worldwide digital platform cybersecurity solutions, focuses extensively on Africa, in our efforts to fight piracy and protect content, networks and intellectual property.
In terms of the financial implications of building robust cybersecurity, African organizations could benefit from a mindset change. Instead of talking about costs and financial barriers, the focus should be on risk-based decision-making.
The conversation should be about identifying and ranking risks, determining which are critical and above an organization’s risk threshold, and addressing those.
In the past, maturity-based cybersecurity approaches have been the norm. These approaches focus on building certain capabilities, but can lead to a “monitor everything” mindset, with inefficient spending, operational gridlock, and teams spread too thin.
Risk-based decision making is a paradigm shift towards a strategic focus where the efforts with the best risk-reduction return on investment (ROI) get the most resources.
Having said this, when reducing enterprise risk, the best ROI is often in employee awareness and training. Researchers from Stanford University in the US found that around 88% of all data breaches are caused by an employee mistake.