Companies in Africa spending heavily on IT security
African companies especially those in sub sahara region are increasing manpower and funding to protect their networks and private clouds, as well as increasing efforts to sniff out vulnerabilities in their computer systems. There is no doubt that an increase in resources channeled into cybersecurity makes sense, given the increasingly challenging threat landscape.I had a meeting with a former Prime minister in one of African countries with stable and fast growing economies who told me that recent high-profile attacks on global companies and attacks by the hacker groups like Anonymous are persuading network administrators to harden security and come up with solutions that will help companies stay ahead of hackers. The former premier whom I cannot name for various reasons told me businesses view cyber security as the biggest business worry now, ahead of other traditional threats such as fraud, natural disasters and acts of terrorism. He has been appointed as the head of his country e-governance program and represent his country in global meetings as well as sourcing the best brains to spearhead his country full migration to e-government.He narrated to me how they are taking more steps to protect their networks and are putting cybersecurity high on their list of priorities.
The rise of social media and mobile computing are also posing challenges to IT security.Nowadays, I have also learned that most employees are using mobile devices, such as smartphones and Tablet computers, to access company networks, as well as to communicate with their own network of friends and surf the Web.IT administrators are noticing that their network perimeters are being stretched. Not only do they have to secure devices within the company, they now need to protect company-issued notebooks like Assus and Dell as well as smartphones like iPhone,Blackberries,Android OS phones to mention but a few and Tablets like iPad and Galaxy Tabs.One of my recent observations is that malware toolkits are abundant and easily available online and that does not help the menacing problems at all. Gone are the days when one had to be a genius to create a malware because as of today it does not take an IT guru to create a malware variant these days.The problem has been compounded by that fact that when an attacker get their hands on a toolkit, they can start planning their attacks and the end result is consequential.
I would like to say from my professional point of view that businesses have a lot to lose if they do not pay serious attention to their cybersecurity policies.Apart from expanding IT budgets for cybersecurity,many businesses in Africa are now also more aware of the need for robust cybersecurity policies. However, the main challenge lies in disseminating and enforcing these policies.In the last few months I have been dealing with an IT administrator whom I advised that instead of handing out huge IT policy manuals to employees,as an IT administrators he should be more proactive by adopting an information-centric approach.As a start, “they should identify sensitive corporate information and encrypt the data if they are stored on desktops and laptops.According to a recent State of Security report in Africa, 25% of the 100 African companies surveyed said they lost about $5B and as a result of cyberattacks.They also said the cyberattacks affected business productivity, revenue and brand reputation.