Africa Ranks Low on Phishing Cyber Resilience

  /     /     /  
Publicated : 23/11/2024   Category : security


Africa Ranks Low on Phishing Cyber Resilience


As threats to Africas cybersecurity continue to grow, the continent faces high risks to its society and economy with a growing cyber skills gap and lack of preparedness.



Africa has had the most exponential growth in phishing-related cybercrime out of any region over the past few years, especially when aimed against small and midsize businesses.
Thats according to KnowBe4s
2024 Phishing by Industry Benchmarking Report
, out this week, which analyzed more than 54 million simulated phishing tests across 11.9 million users in 19 industries across the globe. The researchers found that inadequate user training was the primary reason why individuals across all industries fell victim to social engineering attacks. 
But its the users in many African countries that struggle with training in particular, especially as technology and connectivity experience rapid growth on the continent, causing technology-related threats to grow in tandem.
KnowBe4 researchers measure organizations
vulnerability to phishing attempts
in terms of the phish-prone percentage (PPP) — that is, the percentage of individuals in these businesses that are most likely to put the business at risk by clicking on malicious links or unknowingly opening documents or files containing malware. The findings show that Africas baseline PPP jumped from 32.8% to 36.7% in one year. In other words, more than one in three individuals in a company will fall for
phishing schemes
.
There are several reasons why Africa struggles with these kinds of challenges. Sub-Saharan Africa, for example, actually slowed in its economic growth in 2023 from 4% to 3.3%, likely due to its limited resources, its humanitarian and development struggles, poverty, and an energy crisis, among other issues. Compared with these pressing challenges, its cybersecurity training and culture fall behind on the list of concerns. And with all these factors compounding one another, many sub-Saharan African countries become targets for threat actors.
Some of these countries have imposed regulatory compliance laws to attempt to
combat these realities
and the rise of cybercrime, but most have not, according to the report.
Unfortunately, this means that African countries have become playing grounds for cybercriminals, who dont fear recourse on the continent and target particularly those industries and countries with high digital dependency, says Anna Collard, senior vice president, content strategy and evangelist, Africa, at KnowBe4.
To address these cybersecurity challenges, there are steps that must be taken in the areas of regulation, security awareness training, and guidelines, according to Collard.
Particular focus is needed on threats like deepfakes used for political manipulation, especially ahead of major elections in various African countries, she says, adding that more public-private partnerships are essential to build capacity, address the skills shortage, and improve resilience in the digital world.
Its also important to invest in Africas younger generation by providing cybersecurity education and training opportunities, she adds. This can be the first step to filling the skills gap, which is one of Africas biggest cybersecurity issues, while also addressing youth unemployment.
And the sooner countries in Africa are able to start addressing their risk, the better, as the researchers report that
cyberattacks
against governments and
critical infrastructure
are
expected to rise
. The public, construction, and education sectors have all scored low in cyber culture and resilience, which the researchers find concerning because of the domino effect such attacks can have on the rest of society and the economy. 
There is a drive by foreign governments like the UK FCDO [Foreign, Commonwealth & Development Office] or with their Africa Cyber program to help with cyber capacity building and in fostering more public-private partnerships opportunities, Collard says. While certain private-sector industries, such as banking, have well-established cyber operations and are better equipped to deal with attacks, public sector organizations struggle to retain talent, develop skills, or raise budgets to adequately resource their defense operations.
She adds: More coordinated collaboration is required between different departments, law enforcement agencies, and private sector companies to address the skill shortage, lack of funding, and poor public awareness levels.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Africa Ranks Low on Phishing Cyber Resilience