When there is big news about a security issue or a cyberattack, it is very easy to assume the news will talk about a country or big business located in Europe or North America. Africa almost never gets any coverage when it comes to IT Security and Cyber hacking news happening on the continent. But the reality is when it comes to IT security problems, there is no such thing as countries, continents or separate territories. Cybercriminals operate globally and nobody is spared, they are after the money they can earn from cyber attacks using the Internet as a medium of exchange. The web transcends national borders and all people on the Internet are its netizens.
In this article, we will give Africa a cybersecurity focus it deserves and how Africa-based businesses implement countermeasures to fight cyber criminal acts.
Africa is not new for being a victim of IT security issues. In the 2017 Equifax case, digital certificate authorities issued fake certificates, which enabled the web browser to allow unsuspecting users to visit phishing sites, a portion of infected users is from Africa. Also in 2017, the infamous WannaCry ransomware infected computers from 150-countries, many of which are African countries. This incident is unprecedented given that victims are pushed to the wall. Placed in a critical situation where their only choice to recover lost data is by paying the virus authors the ransom they demand.
African businesses also have security standards like their western counterparts when it when it comes to data integrity protection and countermeasures against cyber attacks.
Organizations today are well aware of the threats, both coming from inside and outside their countries of operation. A company needs IT security-aware executives and boards of directors. Typical businessmen, of course, will never become IT experts in a short time but it is achievable. They just need to be aware and always have a mindset that someone is constantly watching, monitoring and conducting surveillance against their businesses.
IT Security should not be an afterthought, but a fundamental foundation of any business. Having a security-conscious team enables a firm to protect its interest in the long run, as there is the high value given to employees that update infrastructure, maintain computer systems and install an efficient threat detection system and defense layer.
Security audits are an investment to correct errors and prevent IT security disasters from happening. Companies in Africa have started being aware of the advantages of becoming ISO compliant organizations, as the certification projects confidence in handling data integrity.
Morocco, Nigeria and South Africa are blazing the trail in the African continent when it comes to ISO certifications. There is a 73% growth of Information Security Management System certified firms recently from 129 companies in 215 to 224 companies in 2016. Though there is a recorded increase of ISO compliance, the exposure to exploits remains just like the rest of the world.
The rise of IT Security-aware Professional
Analysts forecasted that cybersecurity-aware employees and professionals will grow by 20% by 2020. Africa-based firms are not left behind and follow this trend without fail, but it is not part of any western news headline. Talented and highly skilled IT professionals are available, but companies need to have an efficient and effective recruitment method in order to find them.
Business anchors on integrity
Ransomware reigned over the malware scene last year. Companies are in a search for security policies that work for them at a reasonable cost. Some African firms are already innovating to improve security. They do this by increasing spending on security products and services, in fact, there is a growth of 11 percent in spending on antimalware products.
Decision makers should take responsibility
Decision makers usually rely on their IT professionals if they are not security-aware themselves. Without this personnel, they are just increasing their risks of attacks by cybercriminals.
Executives need to integrate security issue agenda in their meetings and core discussions. It can no longer be done at the level of a CIO or CTO only unilaterally deciding how to keep the operations of the company working 2/47. ISACA State of cybersecurity 2017 reports that this is not the case at the moment, as many organizations are heavily dependent on the unilateral decisions made by the CIO and CTO.
As you have read, Africa is not left behind. It is a progressive continent as far as IT security arrangements are concerned. Other continents are the focus of mainstream news, especially the western part of the globe. The western market is bigger and the competition is more intense, however, it does not mean that Africa is losing the fight against malware and cyberattacks.