A survey by global accounting firm KPMG has established that East Africa (EA) has the highest adoption of digital transformation in Africa.
KPMG’s Africa Cyber Security Outlook 2022 Survey highlights, “While East Africa has driven the highest adoption of digital transformation, with 89 per cent of organisations undergoing digital transformation, they are also the largest proportion of cyber-attacks amongst the African regions (31 per cent reported cyber-attacks).
The survey draws insights from 300 respondents from across Africa (East, West and Southern Africa), spanning various industries. It explores the nature of cyber challenges faced by organisations and the solutions.
It established that the cyber landscape in Africa is highly dynamic and rapidly evolving – propelled by widespread digitisation and matched by adequate investments in protecting assets and data from cyber threats.
The survey identified key areas of focus for Africa including the integration of cyber security into core business strategy, more robust and risk-focused regulation, proactive threat identification and defence and a focus on the cyber talent pool.
“Irrespective of organisational size, companies are working to ensure data privacy and protection to build trust and safeguard consumer privacy. Organisations that report having a mature approach to cyber security strategy have been subject to half the number of cyber incidents reported across organisations that have not proactively dealt with cyber strategy,” Marcelo Vieira, Partner and Head of Cyber Security for KPMG South Africa said.
On cybersecurity strategy, Anthony Muiyuro, Cyber Lead at KPMG East Africa said, “Cyber criminals in this modern era are changing tactics to include data exfiltration, targeting personal user information and targeting organisations that attempt to aggregate, combine, compare and analyse data to better serve their consumers. Therefore, today, there is a much larger focus needed on not only mitigating threats but on the way, organisations are set up to deal with them,”
Muiyuro advised organisations to rigorously evaluate their security measures to identify areas for improvement.
“One effective way of achieving this is through conduction of ‘purple teaming’ as an approach for building confidence in established cyber security controls and responses and ensuring robust security oversight. 34% of respondents have a fully independent cyber and information security function with oversight through risk management and internal audit, with 47 per cent still maintaining this function within the IT function,” he said.
On cyber talent, the report established that 75 per cent of companies encounter challenges in recruiting and retaining qualified cyber professionals and only one in three have access to a sufficient talent pool.
Despite this, however, the report found out that some industries are well geared toward cyber skills, with the highest percentage of adequate skills being in the manufacturing (48 per cent) and ENR (47 per cent) sectors, followed closely by the FMCG and ICT sectors. The financial services and public sector have been prime targets for cyber-attacks and demonstrate an acute demand for cyber resources, largely due to the high level of regulatory oversight required.
“We need to change the way we recruit in this sector by improving the recruitment process and requirements, looking at non-traditional degrees, offering competitive salaries and of course looking at external collaborations with educational institutions to build skills, develop in-house talent and outsourcing skills to those in the know. Without this shift, we may be left behind,” John Anyanwu, Partner and Head of Cyber Security at KPMG Nigeria & Africa Cyber Lead said.
In other news, the annual Digital Transformation Awards is here. Call for the most innovative digital transformation brains! Apply now via link. Deadline: 31 September 2022.