A new report by IT firm Serianu has found more than 90% of African businesses are operating below the cybersecurity “poverty line”. This means that they cannot adequately protect themselves against losses arising from cybercrime activities.
The African Cyber Security Report 2017 indicated that African businesses particular SME’s lack the skills, resources or funding to protect, detect and respond to cybersecurity threats. It has become expensive especially for SMEs to adopt complex and international cybersecurity framework leading to neglect by SMEs which become the popular targets by cybercriminals.
“The findings from this survey shockingly point that most businesses especially SMEs are struggling to put in place basic cybersecurity structures. More than 95% of African organizations are either operating on or below the “Security Poverty Line.” Most of these organizations spend a maximum of US$1,500 annually on cybersecurity technologies and services.” Says William Makatiani, CEO Serianu Limited.
The report involved firms rating their capabilities by responding to 24 questions covering four key functions outlined in the Africa Cyber Security Maturity Framework resulting in establishing 5 maturity levels.
The report also found out that 96% of cybersecurity incidents went unreported or unresolved with mobile banking being the most targeted industry for cybercrimes in Africa. While banking and financial services industry is on top of the target list for cybercrimes, the rising adoption of internet and automation across a wide variety of industries have resulted in attempts and attacks reaching critical levels across government agencies, telecommunications, and mobile money.
Cybercrime costs the African continent US$3.5 billion in 2017 and has grown at least 20% with the list of cybercrime threats growing including mobile scams, sophisticated malware, and software and data breaches among others.
A casing point is the ransomware attack in 2017 WannaCry (also known as WannaCrypt) which affected several hundred thousand machines around the world including a number of African countries and crippling banks and other organizations and was described as one of the most devastating ransomware attacks in history.
The report calls for the entire Africa Cybersecurity ecosystem including governments, consultants, vendors to find cheaper, practical and self-reliant ways to address the continent’s cybersecurity challenges to avert the continued reliance on the overly expensive current frameworks that are currently not working for SMEs