Five key markets in Africa - Ghana, Kenya, Nigeria, Tanzania and Uganda – together lost in the region of US$3.5 billion to cyber crime in 2017.

This is according to cyber security firm Serianu and its recently released Africa Cyber Security Report 2017.

"Further analysis of cyber crime for the countries: Nigeria Kenya, Ghana, Uganda and Tanzania was estimated at US$1.078 billion a year, which includes direct damage and loss, post-attack disruption to the normal course of business and reputational loss," the report said.

In the leading five countries, banking and financial services were most affected, losing US$248 million in 2017.

Government lost US$204 million, while e-commerce, mobile-based transactions and telecommunications lost US$173 million, US$140 million and US$119 million respectively.

Simon Muriithi, project leader for Cashless Kenya said this situation could limit the benefits of technology within the banking sector.

"For us this is one of the biggest challenges in going digital in Kenya right now, but we have good security experts locally who can help banks bridge the gap," said Muriithi.

Acccording to the Serianu research 90% of cybersecurity incidents were not reported.

Muriithi sympathises with organisations that grapple with the decision of whether to report incidents or not. "The banks cannot say they were hacked because they fear losing their clients," he said.

At the same time Muriithi was critical of companies that do not have comprehensive security policies and strategies in place, adding that failure to conduct full penetration tests on systems renders the business vulnerable to cyber attacks.

Muriithi added that hackers are now building larger networks which is likely to further impact efforts to track stolen funds. The situation is exacerbated by a lack of cyber security laws and specialised computer forensic teams in most countries, he said.

ICT professionals continue to stress the importance of education.

Ben Roberts, Group CTO at Liquid Telecom said "My top three priorities are education, education and education. All companies need to do their best to make sure the whole organisation understands and is aware of cyber-security both at home and at work. IT departments and information security officers need to be educated to the highest level - but cyber-security, just like physical security, is the responsibility of every member of an organisation."