An Africa Perspective: Cyber Threats, Security and Data Protection
Graham Croock - Incidents of cybercrime are on the increase nationally and globally, prompting the business community to raise its game or risk the financial devastation caused by a cyberattack or data breach.
Some of the figures are terrifying. As digitisation for both consumers and enterprises accelerates, the cost of data breaches are expected to increase to US$2.1 trillion globally by 2019, increasing by almost four times the estimated cost of breaches in 2015, according to Juniper Research.
And that's just what the experts know. According to the World Economic Forum (WEF), a significant amount of cybercrime goes undetected - be it from hackers using zombie viruses or the murky underworld of industrial espionage where access to documents and data is difficult to spot.
Check point Software Technologies identified Namibia as the top African destination for cybercriminals by the end of 2015. The fact that Namibia has strong internet networks and inadequate laws dealing with cyberattacks and the punishment of cybercriminals, makes Namibia an easy target.
The Permanent Secretary in the Ministry of Information and Communication Technology, Mbeuta Ua-Ndjarakana, said in 2014 that they were working closely with the International Telecommunications Union developing national cybersecurity laws. To date the country is eagerly awaiting further developments.
Human factor
Cybersecurity is not just a technology issue. A recurring theme throughout modern research is how vital the human factor is in the fight against cybercrime. People are often the weakest link in preventing cyberattacks or a data breach (be it finding the right skills and talent to build an organisation’s cybersecurity policy, or raising awareness amongst staff about basic measures they can take to strengthen operations).
African businesses, specifically, find themselves at a crossroads, where they must balance digital transformation with a greater focus on security policies and how to protect customer data.
This is not just a big job for businesses, but governments across the Sub-Saharan region carry a heavy burden too - particularly when it comes to data protection. With Africa's digital economy continuing to scale up rapidly, the need is becoming more apparent for regulation and legislation to match. Approaches to the protection of data are changing across Africa, affecting both the digital privacy of citizens and the obligations of those that hold customer information.
Establishing a regulatory framework that both protects citizens and allows for healthy economic development should be the end goal for many African nations. As in the long run, getting cybersecurity and data protection right will benefit all parties - consumers, businesses and governments alike - which is why now is the time for positive action.
Breaches
Security breaches are commonplace across Africa. An astonishing two thirds of respondents surveyed during 2015 /16 have experienced a security breach in the last 12 months.
Almost 10% of surveyed respondents claim their organisation has suffered more than 10 security breaches, while almost half state they have encountered between one and five security breaches.
According to Gemalto's Breach Level Index, in South Africa alone, data breaches increased 15% in the first half of 2016.
Africa's two largest economies, South Africa and Nigeria, are estimated to be losing US$5130 million annually to cybercriminals like hackers, fraudsters and those intent on digital sabotage, according to a recent report from security software maker McAfee.
The problem appears to be getting more acute year on year. The severity of cyberattacks in East Africa alone was 37% higher in 2016, compared with the previous year, according to independent risk consultancy Control Risks which works with a variety of clients to assess threat levels.
Mobile data can be expensive in many African countries, and many consumers put-off updating apps or their device's operating system in order to conserve valuable data. Older device operating systems - particularly Android 3 and 4 - are less secure, and so consumers are putting themselves and their organisations at risk by not updating.
Security is often the last thing businesses think about. They do not assume criminals are after their information. They are and businesses need to be much smarter with how they handle customer data.
* Graham Croock is the Head of IT Audit, Risk and Cyber Lab at BDO SA
Some of the figures are terrifying. As digitisation for both consumers and enterprises accelerates, the cost of data breaches are expected to increase to US$2.1 trillion globally by 2019, increasing by almost four times the estimated cost of breaches in 2015, according to Juniper Research.
And that's just what the experts know. According to the World Economic Forum (WEF), a significant amount of cybercrime goes undetected - be it from hackers using zombie viruses or the murky underworld of industrial espionage where access to documents and data is difficult to spot.
Check point Software Technologies identified Namibia as the top African destination for cybercriminals by the end of 2015. The fact that Namibia has strong internet networks and inadequate laws dealing with cyberattacks and the punishment of cybercriminals, makes Namibia an easy target.
The Permanent Secretary in the Ministry of Information and Communication Technology, Mbeuta Ua-Ndjarakana, said in 2014 that they were working closely with the International Telecommunications Union developing national cybersecurity laws. To date the country is eagerly awaiting further developments.
Human factor
Cybersecurity is not just a technology issue. A recurring theme throughout modern research is how vital the human factor is in the fight against cybercrime. People are often the weakest link in preventing cyberattacks or a data breach (be it finding the right skills and talent to build an organisation’s cybersecurity policy, or raising awareness amongst staff about basic measures they can take to strengthen operations).
African businesses, specifically, find themselves at a crossroads, where they must balance digital transformation with a greater focus on security policies and how to protect customer data.
This is not just a big job for businesses, but governments across the Sub-Saharan region carry a heavy burden too - particularly when it comes to data protection. With Africa's digital economy continuing to scale up rapidly, the need is becoming more apparent for regulation and legislation to match. Approaches to the protection of data are changing across Africa, affecting both the digital privacy of citizens and the obligations of those that hold customer information.
Establishing a regulatory framework that both protects citizens and allows for healthy economic development should be the end goal for many African nations. As in the long run, getting cybersecurity and data protection right will benefit all parties - consumers, businesses and governments alike - which is why now is the time for positive action.
Breaches
Security breaches are commonplace across Africa. An astonishing two thirds of respondents surveyed during 2015 /16 have experienced a security breach in the last 12 months.
Almost 10% of surveyed respondents claim their organisation has suffered more than 10 security breaches, while almost half state they have encountered between one and five security breaches.
According to Gemalto's Breach Level Index, in South Africa alone, data breaches increased 15% in the first half of 2016.
Africa's two largest economies, South Africa and Nigeria, are estimated to be losing US$5130 million annually to cybercriminals like hackers, fraudsters and those intent on digital sabotage, according to a recent report from security software maker McAfee.
The problem appears to be getting more acute year on year. The severity of cyberattacks in East Africa alone was 37% higher in 2016, compared with the previous year, according to independent risk consultancy Control Risks which works with a variety of clients to assess threat levels.
Mobile data can be expensive in many African countries, and many consumers put-off updating apps or their device's operating system in order to conserve valuable data. Older device operating systems - particularly Android 3 and 4 - are less secure, and so consumers are putting themselves and their organisations at risk by not updating.
Security is often the last thing businesses think about. They do not assume criminals are after their information. They are and businesses need to be much smarter with how they handle customer data.
* Graham Croock is the Head of IT Audit, Risk and Cyber Lab at BDO SA
Kommentaar
Republikein
Geen kommentaar is op hierdie artikel gelaat nie