With citizens, governments, and businesses more dependent than ever on digital connectivity, one of the most pressing sectoral issues for this decade is cybersecurity.
While this issue has been in the public consciousness for some time now, there is still a wide perception gap between organisational executives, who feel positively about their cyber resilience, and security leaders who do not.
In Kenya, the Communication Authority while releasing the country’s quarter one data revealed that in the period between January to March 2022 a total of 79.2 million cyber-attacks were reported which prompted the government to issue 28,848 advisories in a move to curb the rising attacks.
During the Inaugural Africa Cybersecurity Congress Agora Group co-founder and Chief Executive Officer Hadi Maleb highlighted the growing cyber threats to online businesses as more than 90% of business owners are unaware that their enterprises are at risk.
“The reality is that cybercrime is showing no signs of slowing down, posing risks across all aspects of society. In 2021, ransomware attacks were up 150% and more than 80% of experts say this growth is now threatening public safety,” said Michel Nader -Senior Regional Director Dell Technologies Africa, Middle East, Russia.
Agora Group co-founder and Chief Executive Officer Hadi Maleb in June 2022 warned that currently in Kenya ransomware attacks seem to be where hackers are shifting much focus targeting small businesses.
He further warned that the ransomware attacks are likely to attract payments over Sh4 trillion by end of 2022.
These statistics demonstrate the gravity and prevalence of cybercrime today. The question is, as we focus on global recovery, and a new era of economic growth, how do we protect against cyber threats?
In recent months we’ve seen an unprecedented policy focus on the threat of cyberattacks and digital resilience though prominence in WEF’s Global Risk Report for 2022, and the G7 communique that saw a formal agreement for governments ‘to work together to share expertise and minimise cyber risks’.
In order to deliver on globally ambitious designs of digital inclusion, sustainability, improved health outcomes, defence, and much more for the economies of tomorrow; cyber resiliency is a key building block and enabler.
The adverse financial impacts involved with cybercrime are seismic, and unsustainable for economies to absorb long-term.
It’s no secret that advanced technologies such as Artificial Intelligence (AI), Machine Learning (ML) and IoT are the key building blocks for future progress, but perhaps ironically, it’s these same technologies that can present new opportunities for cyber criminals.
“The ultimate challenge will be securing such technologies and enabling more resilient, long-term solutions to the threats posed by cyber criminals,” he added.
Economic rebalancing will only be equitable if these tools are accessible to all organisations and businesses. To make this vision a reality, the need for collaboration and support between the public and private sectors has never been more vital.
SME Cyber support vital for wider economy
Small and Medium-sized Enterprises (SMEs) are the backbone of local economies and yet are highly at risk. SMEs are seen as a key facet to trade and logistics, partner networks, and digital ecosystems, however, increasingly find themselves the target of cyberattacks.
Research shows that 43% of cyberattacks are made against small businesses, up from 18% just a few years ago. In Kenya, small businesses face a 47% increase in cyber-attacks in 2022, according to Kaspersky. Significantly, recent WEF reports indicate that 88% of respondents are concerned about the cyber resilience of SMEs in their ecosystem. In 2022, the number of Trojan-PSW (password stealing ware) detections in Kenya increased by 16% when compared to the same period in 2021.
It is essential that we work to support and protect such businesses, particularly as we look to build more resilient, balanced societies. SMEs, unlike other businesses, often require and are entitled to greater government support and nurture. Governments that recognise SMEs as integral to a truly flourishing society will empower and deliver the most economic progress. Helping these smaller organisations protect themselves against the ever-growing cybersecurity threat must be a priority for public sector recovery strategists, in the months and years ahead.
Public to Private Sector Empowerment
It is now more important than ever that public sector infrastructure empowers business resilience to help identify, protect, detect, respond, and recover from a cyberattack and enable a rapid return to fully functioning operations. Even with strong cyber defences in place, it’s impossible for companies to avoid all cyber disasters and their resultant, adverse impacts upon data, privacy, and trust.
Therefore, the key objective should be developing a cyber resilience strategy that can anticipate and quickly recover from significant disruption. The real test should be how quickly and seamlessly organisations can return to “business as usual”.
One essential component of such resilience is to create and implement thorough cybersecurity training exercises amongst workforces. This not only prepares employees to identify security risks and lures, but also heightens awareness and reinforces the need for teamwork, skills, and collaboration across the whole organisation.
In November 2021, Kenya officially launched the National Computer and Cyber Crimes Co-ordination Committee (NCCC) as part of the wider government’s sector role in taming cybercrime threats.
The committee has representation from security agencies, Central Bank of Kenya, Office of the Directorate of Public Prosecutions (ODPP) among other agencies. This committee was established under the Computer Misuse and Cybercrime Act of 2018.
Frontier technology solutions are the forces driving digital transformation. They offer us all a bright and exciting digital future. However, advanced capabilities also throw up new cybersecurity challenges, with greater opportunity for cyber criminals to disable critical infrastructure and cause huge upheaval at a societal level. Cybersecurity should be at the forefront of public sector and business leaders’ minds. A comprehensive cybersecurity strategy that works in alignment between governments and industry is a key component to post pandemic recovery for businesses, national economies, and citizens around the world.
Cybersecurity is more than just an insurance policy against attacks. Cyber resilience, if implemented effectively, can help turbocharge long-term economic prosperity and innovation, and provide the digital defences crucial to our modern world. This will go a long way in supporting digital enterprises in Kenya, in a country which has been dubbed as Africa’s silicon savannah.