- Africa suffers substantial financial losses due to cyberattacks, estimated to exceed $3.5 billion annually.
- The increasing interconnectedness and flow of people, goods, and information across the region, will intensify cyber risks.
- Developing local cybersecurity capabilities, investing in digital skills development will be critical in tackling threats.
An analysis by global management consulting firm Kearney is calling for urgent efforts for Africa to develop a comprehensive and forward-looking approach to tackle cybersecurity threats. The June 20th report: Cybersecurity in Africa: A Call to Action, emphasizes the growing scope of cyberthreats and the need to ensure Africa’s unhindered entry into the digital economy.
According to Rob van Dale, a Partner at global management consultancy Kearney, “Africa needs a comprehensive agenda to address its low cyber resilience, deal with the scale of cyber threats, and ensure Africa’s unobstructed leap into the digital economy.”
A four-point agenda
The report proposes a four-point agenda that calls for coordinated action to address four fundamental problems: elevate cybersecurity on the regional policy agenda, establish a sustained commitment to cybersecurity, strengthen the ecosystem, and develop the next wave of cybersecurity capacity.
Van Dale emphasizes the importance of a coordinated approach to cybersecurity, stating, “Cybersecurity programs often take a siloed approach to defending infrastructure, even though vulnerabilities extend across peer companies and vendors, and adversaries plan and execute sophisticated attacks across several targets at once.”
The African Union (AU) has taken steps to enhance collaboration on cybersecurity across the region by establishing the African Union Convention on Cyber Security and Personal Data Protection legal framework. However, the framework has been signed by 16 out of 55 member countries and ratified by only thirteen, indicating the need for a tighter coordination mechanism.
The article emphasizes how cyberthreats are increasingly interested in targeting Africa. According to Prashaen Reddy, a partner at Kearney, mobile penetration is expected to surpass 90 per cent this year, which would result in a major increase in internet access in Africa.
While some African nations have created national cybersecurity strategies and implementation roadmaps, the area as a whole continues to move at a moderate pace and with little urgency.
In order to create alignment within the AU, Van Dale underlines the necessity to prioritize cybersecurity in regional and national policy agendas by putting it at the top of the list of topics for discussion in regional economic dialogues.
Share of Internet users in Africa by Jan 2022
Africa’s cybersecurity landscape
Due to better electrical access, falling prices for internet-connected devices, and a concentration on the Internet of Things (IoT), Africa has seen a steady rise in internet adoption.
By 2021, internet penetration in Africa crossed 28 per cent, and by end of 2023, mobile penetration will surpass 90 per cent. According to forecasts, the cybersecurity market in the region will increase from $2.5 billion in 2020 to $3.7 billion in 2025, representing a compound annual growth rate of 7.9 per cent.
However, despite these investments, Africa suffers substantial financial losses due to cyberattacks, estimated to exceed $3.5 billion annually. The region also faces missed business opportunities resulting from the reputational damage caused by these attacks.
The increasing interconnectedness and flow of people, goods, and information across the region, coupled with the implementation of the African Continental Free Trade Area (AfCFTA), will intensify systemic cyber risks. Furthermore, socioeconomic challenges, such as the COVID-19 pandemic, have accelerated the digital transformation, creating new vulnerabilities that cybercriminals exploit.
To address these challenges, the paper emphasizes the importance of developing local cybersecurity capabilities, investing in digital skills development, and leveraging emerging technologies.
Two critical areas for focus are the adoption of two-factor authentication and the application of artificial intelligence and machine learning in cybersecurity.
The way forward in managing cyber risks
Africa’s cybersecurity challenges demand a comprehensive and collaborative approach. Elevating cybersecurity on the regional policy agenda, securing a sustained commitment, fortifying the ecosystem, and building the next wave of cybersecurity capability are critical steps for Africa to mitigate cyber risks, protect valuable assets, and position itself for sustained growth in the global digital economy.
As Africa strives to become a leading player in the digital era, governments, businesses, and individuals work together to ensure a secure and resilient cyber landscape.
Governance, cybersecurity strategy, cybersecurity law, information sharing, international collaboration, standard adoption, and awareness raising are some of the areas of focus.
To protect Africa’s cybersecurity landscape, it is essential to establish accountable national agencies, define policies, modernize cybercrime laws, encourage information sharing, adopt international standards, and raise awareness.