Africa must act now to address cybersecurity threats. Here's why

Strong cybersecurity is increasingly a prerequisite for investment.

Strong cybersecurity is increasingly a prerequisite for investment. Image: Unsplash/Desola Lanre-Ologun

Shane McCarthy
COO, Irdeto
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:


Listen to the article

  • In a globally-integrated financial market, robust and resilient cybersecurity is a non-negotiable prerequisite for investment across the world.
  • But effective cybersecurity remains a challenge across Africa, with many organizations unprepared for cyber attacks.
  • Efforts should be made to improve cybersecurity and employee awareness to build resilient organizations people want to invest in.

The ability to protect the data of partners and clients is today one of the fundamentals behind every business decision. Today’s fluid financial markets provide a plethora of access points for malicious actors to penetrate systems and acquire data. These have to be protected.

A system is only as strong as its weakest point. Therefore, as communication and financial networks become globalised, impregnable cybersecurity is becoming a prerequisite for investment in any territory.

However, cybersecurity on the African continent remains challenging and many companies are unprepared for cyber attacks.

Have you read?

In addition, only a handful of countries have laws in place to protect consumers and businesses. The Global Cybersecurity Index (2021) shows that of 54 African countries assessed, only 29 have introduced cybersecurity legislation.

In 2022, 52% of companies in Africa believed that they were unprepared to handle a large-scale cyber attack.

The reality is grimmer; Interpol’s Africa Cyberthreat Assessment Report found that more than 90% of businesses on the continent were operating without the necessary cybersecurity protocols.

African businesses not prioritizing cybersecurity

African organizations are not giving cybersecurity the priority it deserves and this inadequate security is directly affecting business for enterprises, as well as countries.

According to Techcabal, Africa is losing $4 billion annually to cybercrime. However, cybercrime hurts companies beyond their financials, leading to data loss, theft of intellectual property and financial and/or personal information, and damage to brand and reputation.

Africa’s poor cybersecurity also means the region is now targeted by cybercriminals as the “soft underbelly” of global business networks. In Africa, many countries have seen a rise in digital threats and malicious cyber activities.

Ironically, Africa’s rapid technological evolution makes the region an attractive target for cybercriminals. This is slowly changing, though, with countries such as Kenya and Zambia implementing new cybersecurity laws.

Actions taken to tackle piracy in Kenya

New anti-piracy legislation is helping to build confidence in Africa as a business destination with the ability to limit – and hopefully eventually eliminate – copyright theft.

US companies are investing heavily in Kenya, following amendments to the latter country’s Copyright Act to block infringing domains on internet service provider networks.

Real actions are also being taken to tackle piracy. The Kenya High Court recently ordered internet service providers (ISPs) in the country to permanently block sports websites infringing on copyrighted material.

This pivotal decision follows a lawsuit that sought to compel the ISPs to block live sports streaming sites on their networks.

However, the region remains a major battlefield in the global cybersecurity wars. Irdeto, which provides worldwide digital platform cybersecurity solutions, focuses extensively on Africa, in our efforts to fight piracy and protect content, networks and intellectual property.

In terms of the financial implications of building robust cybersecurity, African organizations could benefit from a mindset change. Instead of talking about costs and financial barriers, the focus should be on risk-based decision-making.

The conversation should be about identifying and ranking risks, determining which are critical and above an organization's risk threshold, and addressing those.

In the past, maturity-based cybersecurity approaches have been the norm. These approaches focus on building certain capabilities, but can lead to a “monitor everything” mindset, with inefficient spending, operational gridlock, and teams spread too thin.

Risk-based decision making is a paradigm shift towards a strategic focus where the efforts with the best risk-reduction return on investment (ROI) get the most resources.

Having said this, when reducing enterprise risk, the best ROI is often in employee awareness and training. Researchers from Stanford University in the US found that around 88% of all data breaches are caused by an employee mistake.

Cyber breaches often due to human error

The human element in cybersecurity is less about deliberate crimes, and more about innocent mistakes by people who fall prey to seemingly legitimate emails with malicious links.

The same people will fail to apply basic security measures such as limiting permissions on cloud databases.

Despite some progress, Africa needs to further enhance its cybersecurity and improve confidence in its data-protection methods.


How is the Forum tackling global cybersecurity challenges?

A powerful first step towards doing this would be to form an African cybersecurity/data protection forum to implement relevant cyber and security laws to protect Africa from cyber attacks.

Other strategies should include public awareness campaigns, enhancing cybersecurity capabilities, improving regional collaboration, and strengthening public-private partnerships.

In the corporate space, firms should take steps to protect their content, brand, and investment against cyber threats.

Cybersecurity key to participating in global markets

They are not alone in this endeavour, and there are third-party experts who can support them in building cyber resilience and enhancing their investment appeal.

Once African organizations understand the cyber threats they face, they can define their strategy, deploy resources and build towards a complete solution.

The ideal outcome is digitally secure African companies and organizations that offer security for themselves, their partners – and the global networks of which Africa is an inextricable part.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

FBI takes down army of ‘zombie’ computers. Here what to know

David Elliott

June 19, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum