Africa CISO Summit: CrowdStrike Sounds The Alarm On Insider Threats

Leading cybersecurity technology company, Crowdstrike, held an invite only breakfast event at the Africa CISO Summit to discuss on how best tackle insider threats in cyber security. The discussions showed how the biggest cybersecurity threat to any organisations are the insider threats.

Speaking at the breakfast event, Hermanus Lourens, a Senior Sales Engineer at CrowdStrike, have an overview of the threat landscape from the 2025 CrowdStrike Global Threat Report. According to the report, the landscape shows a 442 percent increase in voice phishing, a 50 percent increase in access broker activity, and that 79 percent attacks occur where there’s no malware.

Lourens further noted that social engineering is one of the causes of insider threats where threat actors tend to target the weakest link in any organization.

At the same session, Lehan Van Den Heever, a Sales Engineer at CrowdStrike, talked about the biggest state nation adversaries that pose a great cyber security risk globally.

In a panel discussion at the side event, Francis Mwangi from Platcorp Group Holdings, posed the question of whether IT leaders do the due diligence before they hire their IT staff. The panel included Deborah Mutungi, the Group IT Manager at Sarova Hotels; Seyoum Damtew, the Director Information System Security at the Commercial Bank of Ethiopia, and Steve Jump, a vCISO (Virtual CISO).

Deborah Mutungi said that in as much as IT Leaders try to do due diligence, the key thing is the levels to which it is done, especially when onboarding your IT crew. She emphasized that it is important to monitor the employees’ activities and make sure that what they do is well documented.

On the other hand, Steve Jump, insisted on the importance of being suspicious. According to Jump, whenever you are hiring new IT staff, it is important to be suspicious so that you may do enough due diligence before onboarding them.

Speaking from a banking perspective, Seyoum Damtew, said that 70 percent of risk in a bank comes from internal activities, emphasizing on how crucial insider threats are. He further talked on how to best avoid this and advised IT leaders to ensure that the devices that employees are using need to be connected to a central network that can help the CIO monitor all the activities.

CrowdStrike is a 360° sponsor at the Africa CISO Summit, happening on the 19^th and 20^th of March at the Radisson Blu Hotel in Nairobi. The Summit has brought together CISOs, government officials, regulators, and industry experts from across the continent to tackle the most pressing cybersecurity challenges facing businesses and critical infrastructure.