The biggest security threats faced by Africa are to the continent's critical infrastructure and mostly to financial institutions, says Yusuph Kileo, cyber security and digital forensics investigation expert, as well as a speaker at the upcoming ITWeb Security Summit 2015.
"Our financial institutions are using online services, [such as] mobile banking, which has improved our services in terms of reliability, high performance and convenient maintainability, on the one hand.
"On the other hand, [online services] have exposed these financial institutions to cyber attacks. In Tanzania alone, it is estimated that more than $10 billion was lost in 2014, caused by the malware, denial of service attacks, and identity and data theft targeted at financial Institutions," he explains.
The second-biggest cyber security threat in Africa, says Kileo, stems from the misuse of social media, as witnessed in many African states, such as Libya, Tunisia, Kenya, Burundi and SA.
Social media platforms, according to Kileo, have been used to disseminate destructive information, including propaganda that promotes violence, extremist activities, and the recruitment and training of potential terrorists. The transfer of confidential information through social media has been a serious issue needing serious measures, he adds.
Kileo argues the third-biggest threat lies in e-commerce, with identity theft, data theft and fraud being some of the risks associated with doing business online.
To date, Kileo points out, Africa as a continent has rolled out several initiatives to combat cyber attacks. These include the African Union Convention on cyber security; and the HIPSSA project, which was initiated to harmonise ICT policies and legislations in sub-Saharan Africa. In addition, he explains many African countries have benefited from ITU-IMPACT assessments of their cyber threat preparedness and response capabilities.
In terms of the biggest challenges to establishing security initiatives on the African continent, Kileo lists:
* Decision-makers who do not consider cyber threats a priority;
* Users not being aware of the potential impact of cyber threats, and hence not doing enough to push their governments to take action;
* Lack of knowledgeable experts in the field of cyber security;
* Lack of collaboration - most nations fight cyber crime individually, forgetting these crimes are borderless; and
* Lack of harmonised cyber laws - so far not all African countries have specific cyber laws in place.
Commenting on what African-based businesses and governments should do to better protect themselves against cyber threats, Klieo states competent regulatory and legal frameworks need to be in place, while organisations should also concentrate on capacity-building in the area of information security.
Furthermore, he says, there is a need for improved collaboration between states and organisations about cyber security, and adds that equally important is access to improved technology, the establishment of awareness campaigns and the publication of cyber crime statistics.
Share