In order to curtail the high cost of cyber-attacks in Africa, it is imperative that African business take more decisive steps to make data protection a high priority.
In the light of this, Ken Munyi, Country Manager at iWayAfrica Kenya says the millions of cyber attacks that yearly occur across the continent cause for concern, particularly for Africa’s larger economies such as South Africa and Nigeria, as well as Kenya which was ranked as the 69th most vulnerable country in the Global Threat Index out of 127 nations, in 2017.
“Guaranteeing data protection is vitally important for minimising financial loss while also complying with regulatory requirements and meeting customer expectations. Organisations need to take a proactive approach to enterprise security and view it as a strategic investment as opposed to an onerous expense to the institution,” notes Munyi.
Last year, AllAfrica reported that five of the world’s highest-risk countries are in Africa, a fact they got from Check Point’s Latest Threat Index at the time. According to the index, more than one in four organisations globally was affected by the Fireball or WannaCry attacks in May.
Threats like ransomware and malware continue to reach new levels of sophistication every now and then. Munyi says traditional and one-size-fits-all defences are no longer enough to properly address and reduce the potential risks of a cyber attack. “Just as the physical security of a business might include burglar bars, security gates and CCTV cameras, a similar multi-pronged approach is necessary for cybersecurity and should encompass security at the network perimeter and end-point level, together with application, email and web security measures.”
Munyi further revealed that “According to current estimates, Kenya has lost about Sh20 billion as a result of cybercrime, yet only 4% of Kenyan companies spent more than Sh515,000 (5,000 US dollars) on cybersecurity. The vulnerability of Kenyan organisations to cyber attacks can also be seen within the broader context of challenges faced by Telcos in the country”
In the event of a security breach, Munyi advises organisations first focus their efforts on mitigation of data loss and then come up with a plan of action that identifies where the breach originated, an assessment of the damage, and a strategy to prevent similar threats from materialising in the future.