African organisations must adopt an active defence posture in view of the continent’s rapid uptake of technology
Considering the constantly evolving and increasingly sophisticated cyber threat landscape, the state of cybersecurity, resilience and data protection in Africa potentially has global implications. The advent of the internet has essentially abolished borders, meaning that a cyberattack on the African continent can directly or indirectly impact individuals and organisations outside the region. Thus, governments and cybersecurity organisations are constantly working to increase cyber resilience on the continent.
However, it is always tricky to stay one step ahead of crime syndicates and bad actors as any cybersecurity and data protection strategy is only as strong as its weakest link. Despite this, it is very important that Africa does not become a fertile breeding ground or point of entry for global cyberattacks.
While it is widely understood and acknowledged that this continent has huge potential for the adoption of communication technology and Information Technology (IT) solutions, this also creates some unique challenges for cyber security and resilience. A key factor in this is the fact that 60% of Africa’s population is under the age of 25 – a demographic that readily embraces the use of technology and innovation to solve economic problems that face the region.
Rapid growth of mobile banking
For example, the lack of access to banking and finance facilities in certain parts of Africa has seen the rapid proliferation of online services such as mobile banking. In fact, the continent currently has the fastest growing telephony and internet penetration rate in the world.
With more than half a billion internet users in Africa, the continent boasts a bigger online community than either North America or South America. Despite this, the current volume of internet users per Africa’s population is only 43%, so there is still huge potential for growth. But while technology is allowing Africa to solve many of its problems, its large-scale uptake is also creating challenges, as 90% of businesses that operate on the continent do not have the required cybersecurity, data protection or intelligent data management protocols in place. This has the potential to position Africa as a cyberattack vector.
According to Accenture, South Africa has the third highest number of cybercrime victims in the world, with a 100% increase in mobile banking fraud. Thus, from a global perspective, what is done here to safeguard and protect data and to make sure that organisations have very resilient data protection strategies is extremely important.
Added complexity
However, the fact that most modern day companies have multi-cloud strategies, means that much of their data resides in different locations, with a large amount of enterprise critical data being stored outside of the company’s environment. This adds further complexity to data protection and organisations whose data is hosted by hyperscalers need to understand the shared responsibility model and that they are still responsible and accountable for their data.
Organisations must understand where their responsibility starts, and where the service provider’s responsibility ends. Unfortunately, most companies lack complete visibility into where their data resides, making it difficult to manage and protect. African organisations should therefore adopt a comprehensive approach to data protection, threat detection and security measures that are robust enough to ensure business continuity.
Data protection is evolving at a rapid pace, encompassing a broader framework that goes beyond traditional backup and recovery. By focusing on cyber resilience and adopting an active defence posture, organisations on the continent can align to global data protection and security trends.