ADF STAFF
As internet access spreads rapidly across the continent, cybersecurity remains an important challenge as Africa lacks online security professionals, digital literacy among the population and legislation to confront online crime.
“Africa’s digital potential can’t be unleashed if the continent’s key cybersecurity challenges are not addressed,” Charmaine Houvet, senior director of government strategy and policy at Cisco Africa, wrote recently for Fast Company.
With internet access across Africa projected to grow by more than 57% to 1.1 billion users by 2029, security threats will continue to increase, requiring nations to invest more in cybersecurity, experts say.
“No African economy, no matter its level of development, can afford to be targeted as the ‘soft underbelly’ of global business networks by cybercriminals,” Houvet wrote.
Houvet recommended several ways in which African nations should invest to improve national and continental cybersecurity:
- Increase the use of tested security measures, such as artificial intelligence (AI), to detect threats from malware and phishing scams and respond to them immediately.
- Expand training programs to improve digital literacy and cyber-related skills, especially among rural populations and women.
- Invest more in security measures that bring down the price of protecting online data in a region (Sub-Saharan Africa) that has some of the world’s highest data protection costs.
A variety of cybersecurity experts say African nations also must invest more in developing homegrown cybersecurity experts. The continent needs more than 100,000 qualified cybersecurity experts to meet the demand of a rapidly digitizing population, according to Liquid C2, an Egypt-based cybersecurity firm.
In its 2024 analysis, cybersecurity firm KnowBe4 described Africa’s cybersecurity environment as “moderate.”
KnowBe4 noted that Africa’s cybersecurity landscape is improving but still faces limited resources, inadequate cyber awareness, and economic restraints. However, three nations — Ghana, Kenya and Nigeria — have become models for managing cybersecurity.
Kenya’s banking sector, in particular, received praise as “a standout performer” for its robust security operations, according to KnowBe4.
Ghana’s dedication to improving its cybersecurity boosted it from near the bottom of the International Telecommunications Union’s 105-nation Global Cybersecurity Index (GCI) in 2017 to the top tier in 2024.
“Ghana’s leadership in cybersecurity did not happen overnight. Instead, the country’s achievement is the result of strategic decisions and long-term investments made over the past decade,” World Bank researchers wrote in a 2023 report on Ghana’s cybersecurity success. The national leadership’s investment in cybersecurity, including the creation in 2023 of the Cyber Security Authority, was key to Ghana’s progress.
Nigeria, home to Africa’s largest number of internet users, ranks in the middle of the ITU’s five-level cybersecurity metric. The nation is improving its cybersecurity but still has ground to cover, according to the ITU.
Remi Afon, past president of the Cyber Security Experts Association of Nigeria, recently called for the federal government to more urgently address Nigeria’s cybersecurity shortcomings.
“Despite being Africa’s largest economy and a rising tech hub, Nigeria’s performance in the GCI reflects several deep-rooted challenges that hinder its ability to effectively secure its digital infrastructure,” Afon said in a public statement.
Although a handful of countries have established themselves as cybersecurity models, many African nations continue to struggle with building their cybersecurity foundations. For those nations, cybersecurity expert Yasmine Abdillahi said it’s crucial to focus on the basics.
Even simple steps such as limiting access to computer systems, backing up files and requiring two-factor authentication can reduce the risk of cyberattacks, she wrote.
“In resource-constrained environments, core and basic practices are often easier to achieve than comprehensive frameworks,” Abdillahi wrote recently for the Atlantic Council. “Despite the increasing use of advanced and complex technologies like artificial intelligence, basic security measures remain surprisingly effective at diminishing the likelihood of cyber threats and mitigating their impact.”