Cybersecurity talent in Africa: The challenges we face and the solutions we need
Africa faces a significant challenge when it comes to the availability and distribution of cybersecurity talents and secure IT infrastructures. This is important because as the continent continues to undergo digital transformation, the need for security becomes more apparent. We have seen too many enterprises globally suffer from attacks that cost money or bring essential services to a halt. Something needs to change.
Facing this challenge, as well as new business circumstances that influence how we build and maintain our IT systems, we need to understand how we got here, how the world has changed, how people are working, and the various ways we can work together to instil change and nurture the next generation of security graduates and professionals.
Many attackers, few defenders
Africa has a shortage of required security skills. According to the 2022 Africa Cyber Security Outlook survey by KPMG, nearly two out of three responding enterprises reported having trouble recruiting and retaining qualified cyber professionals. This is amidst a surge in cybersecurity across all sectors to the point that, there are an estimated three million cybersecurity job vacancies globally, which is expected to grow to 10 million in the near future.
What elevates the severity of this shortage is the fact that cyber attackers and malicious actors continue to set their sights on Africa. Interpol’s Africa Cyberthreat Assessment Report shows that the agency’s partner company Trend Micro recorded more than 679 million email threat detections, 8.2 million file threat detections, and 14.3 million web threat detections between January 2020 and February 2021. At the same time, the report found over 90% of businesses operate without proper security protocols. From online scams and phishing to ransomware, data-harvesting and disrupting malware, attackers are doing everything to exploit the vulnerability of organisations’ networks, applications, and users across the continent.
Setbacks and growing trends
Made up of countries with unique legislative and technical complexities, Africa is set back by limited investment. While there is definite progress in countries such as South Africa, Kenya, Egypt and Nigeria, in terms of attracting investment, the rollout creates inequities and places these nations ahead of others. Though also continually growing, the still limited number of datacentres impacts the continent’s overall level of data residency and retention.
Meanwhile, next to all the opportunities it creates, remote and hybrid working has introduced new challenges to organisations devising the ideal security strategy. As more and more employees work from different locations and become more reliant on Software-as-a-service (SaaS) applications, the security perimeter expands, and existing gaps widen. Cyber attackers are cognisant of this, and as such, organisations need to take extra steps to protect their networks.
Education and other solutions
When it comes to education, collaboration is the answer. For instance, managed services and security vendors are partnering with crucial learning institutions to introduce and offer ICT-based curriculums that cater to employment in the digital age and uplift graduates with the skills they need to excel. Vendors themselves offer online training and certification of their specific products and systems so that when exploring the job market, graduates have a firm grip on the tools and resources that companies worldwide use to build and secure their infrastructure.
In light of the shortage challenge, managed service offerings that cover network, cloud, and endpoint security, as well as fully staffed security operation centres (SOCs) are becoming more popular with organisations. Therefore, these partnerships are crucial to help protect and future-proof businesses adequately.
Africa's digital transformation can be accelerated through strategic partnerships between sectors and industry players, regulatory and standardised procedures, and prioritising skills development. We can shape it into a bastion of cybersecurity in the digital age and retain industry-leading professionals and systems that take us into the future and beyond.