The cybercrime wave making its way to Africa
African businesses are failing to take necessary steps to protect themselves against data breaches. Many organisations have experienced multiple security breaches within the last 12 months. The region could be facing a skills shortage as businesses struggle to find trained and qualified cybersecurity professionals.
These are just some of the concerns highlighted by businesses in new research conducted by Liquid Telecom. The study is one of the first of its kind evaluating how heavily the issues of cybersecurity and data protection weigh on the minds of employees at African businesses today.
In order to gather the data, Liquid Telecom surveyed 269 respondents from the business community. Respondents drew experience from a wide range of industries with IT professionals featuring heavily (over 31 percent) as did the finance community (14 percent). Over 40 percent of respondents work for microbusinesses and small organisations, while just over a third are employed by small to medium sized businesses with under 1000 employees. Large enterprises with more than 5000 employees make up just 12 percent of respondents.
Facing up to security breaches
In the wake of soaring internet use across the region, and the rise of the continent’s digital economy, comes the threat of damaging and increasingly sophisticated cybercrime. Incidents of cybercrime are on the increase across the region and globally, prompting the business community to raise its game or risk the financial devastation caused by a cyberattack or data breach.
Security breaches are worryingly commonplace across Africa. According to the survey, an astonishing two thirds of respondents have experienced a security breach in the last 12 months. Almost 10% of respondents claim their organisation has suffered more than 10 security breaches, while almost half state they have encountered between one and five security breaches.
It is also clear that African businesses are failing to take enough precautions to prevent data breaches. Over 40 percent of respondents believe African businesses could be doing more to protect themselves from data breaches, while almost a quarter feel the region is falling significantly behind global standards.
Mind the skills gap
A skills crisis could be emerging across Africa, with the survey results indicating there is a limited pool of cybersecurity talent. Over two thirds of respondents believe more training and qualified cybersecurity professionals are required. Furthermore, over a quarter of respondents express genuine concern over the lack of qualified cybersecurity professionals in the region.
With demand for cybersecurity on the rise in Africa, filling positions could become an increasingly hard process for businesses. African enterprises are running into what is, in truth, a global problem – a desperate shortage of people with the right skills and experience to combat cybercrime.
Neither Africa’s corporate training departments nor its public education sector are producing talented people at a fast enough rate to match the evolving nature of the problem. Tough economic conditions are tending to apply downward pressure on business ICT training budgets at a time when they should be increasing, loading added pressure onto existing staff. And governments are in many cases failing to play their part by not putting enough resources into national skills development programmes.
An alarming response
It is difficult to determine which is the more alarming statistic: that over 40 percent of respondents believe African governments should be introducing tougher legislation to support businesses in their fight against cybercrime, or that almost 40 percent aren’t even familiar enough with existing legislation to fully answer the question. What is clear, however, is that data protection legislation is a grey area for many businesses across Africa. Data protection legislation is evolving quickly across the region and businesses must keep up.
Developments to data protection legislation could be a deciding factor for businesses looking to expand across Africa, as they aim to avoid places where the integrity of data is set at a low premium, or where they might get hit hard by protectionist and maverick data laws designed to seal borders and favour domestic enterprises.
Establishing a regulatory framework that both protects citizens and allows for healthy economic development should be the end goal for many African nations. As in the long run, getting cybersecurity and data protection right will benefit all parties – consumers, businesses and governments alike – which is why now is the time for positive action.
To download Liquid Telecom’s full Cybersecurity & Data Protection Africa Report for free, visit www.liquidtelecom.com