African businesses are unique and so are the cybersecurity trends we encounter. We sat down with Deimos’s CTO, Jaco Nel, to understand cybersecurity trends impacting African businesses.
What Are Your Key Cybersecurity Trend Takeaways From 2022?
1. Cybersecurity trends in Africa in 2022 were not much different in comparison to the previous 2 years, with the exception of frequency.
Spurred on by COVID, there has been a significant increase in the adoption of technology in Africa which just continues to grow. This has resulted in a comparable increase in the number of cybersecurity threats, with a large number being targeted against governments, critical infrastructure, and businesses.
2. Explosion of cloud adoption continued and so did its poor implementation, leaving many businesses exposed to ‘run-of-the-mill’ cyberattacks
I don’t think anyone could have foreseen the rate of adoption of cloud. And although cloud offers so many advantages, such as cost savings, better collaboration and data loss prevention, what we saw in 2022 was that there were many young, ambitious entrepreneurs who were taking advantage of cloud without necessarily understanding the complexities and best practices associated with it. Having said that, bigger businesses were having their fair share of cyberattacks due to i) bespoke engineering requirements that were implemented without a security-first mindset and ii) lack of auditability and correct access level status, which meant that relatively preventable security breaches were going undetected.
3. Misconfigurations were a top cybersecurity threat for African businesses
The top cybersecurity trend weakness we saw across the board was misconfigurations. Cybersecurity misconfigurations refer to weaknesses in an organisation’s cybersecurity systems that are due to incorrect or incomplete configuration. These misconfigurations can be exploited by attackers to gain unauthorised access to an organisation’s systems or data. Some common examples of cybersecurity misconfigurations include:
- Broken Authentication and Access Control: The implementation of authentication and access control is conducted in a poor manner, leading to unauthorised access or privilege escalation attacks.
- Unsecured networks and misconfigured firewalls: Failing to secure an organisation’s networks, such as exposing internal-only systems to the internet, could allow attackers to gain access to sensitive information and business controls.
- Outdated software: Using outdated software can make an organisation more vulnerable to cyber attacks, as newer versions of software often include security updates and patches.
- Poor credentials and secret management: Insecure storing of passwords, API credentials, and other secrets.
- Lack of password hygiene: Using weak or easily guessable passwords can make it easy for hackers to gain access to an organisation’s systems, as can re-use of passwords across multiple systems and the insecure storing of passwords.
- Lack of two-factor authentication: Two-factor authentication (2FA) adds an extra layer of security by requiring users to provide a second form of authentication in addition to their password. Failing to implement 2FA can leave an organisation vulnerable to cyber attacks.
4. Lack of cybersecurity professionals is a problem for the African continent
Another cybersecurity trend is that there is a shortage of cybersecurity professionals in Africa, which has made it difficult for organisations to adequately protect themselves from cyber threats. Furthermore, as it can be quite a lucrative profession, many youngsters are joining businesses as cybersecurity professionals without necessarily having enough experience to ensure adequate standards are upheld.
Finding experienced cybersecurity professionals with cloud-specific patterns, threats and vulnerability skills has proven to be extremely difficult, but crucial to businesses.
5. Lack of security awareness and understanding in software engineering teams
We have noticed a lack of security knowledge and skills in software engineering teams responsible for developing business systems. Oftentimes, teams fail to protect their web applications from the most critical and well-known vulnerabilities. We believe that it is crucial that all web application developers have a foundational understanding of the OWASP Top 10 security vulnerabilities.
6. Hybrid work environments create organisational weaknesses for African businesses that have not implemented proper policies and security measures
The way businesses operate has changed dramatically, yet the security and employee policies have not necessarily kept up. We are seeing unnecessary security breaches happening because remote/hybrid employees are having to go to coffee shops, friends’ homes, etc. to use their Wi-Fi, which often doesn’t have the same security measures as businesses are used to or expect.
What Are The Top 5 Cybersecurity Trends That Might Occur In 2023?
As 2022 saw a rise in attacks, don’t expect 2023 to slow down. It will be much of the same but with the rising use of technology by the population at large, expect the following:
- Increase in ransomware and phishing attacks: Ransomware and phishing attacks are easy techniques for cyber criminals. Many African employees are not trained well enough to identify these attacks and so this will continue to affect Africa for at least the short foreseeable future.
- Increase in mobile threats: The increasing use of mobile devices in Africa has led to the emergence of new mobile threats, such as malware and adware that can compromise the security of a device. As Africa’s network distribution continues to grow, so will the mobile device population and so will mobile device cyberattacks.
- Increase in Cryptojacking: Cryptojacking, in which hackers use a victim’s computer to mine cryptocurrency, has also emerged as a significant threat in Africa.
- Businesses employ technology partners: Cyberattacks are growing in numbers and continue to evolve in technique and complexity. As big organisations look to become more lean and startups and other businesses adopt cloud, more and more African businesses will realise the benefits of partnering with security experts to secure their operations, rather than trying to do it in-house. This is due to the failures that we have seen in 2022 when businesses hire cheaper or less experienced engineers due to the scarcity of this profession, and end up with a half-baked solution that leaves them vulnerable to cyberattacks.
- Emergence of new threats: And of course, as technology advances, new cyber threats will emerge that are specifically designed to target African countries. If businesses are relying on in-house engineers, they need to ensure that they remain up to date with best practice and the OWASP (Open Web Application Security Project) Top 10.
- More focus on data compliance from Governments, as data laws become stricter: Although Africa has been on the back foot with data laws, with South Africa only implementing POPIA in 2021 and Egypt having implemented theirs in 2020, more African countries will start to focus on data sovereignty and data compliance regulations. This means businesses need to ensure their technology partners are up to date with African laws to avoid large fines and penalties.
How Do You Think Businesses Can Bridge The Digital And Physical World To Stay Safe From Cybersecurity Trend Attacks/Threats?
There are several steps that African businesses can take to bridge the digital and physical world and stay safe from cyber attacks:
- Security as a first-class citizen: Security should be the front of mind at all times. Do not make it an afterthought. Ensure you have the time, and resources, to treat it as a top priority.
- Create a dedicated cybersecurity team: Ensure you have the necessary skills and experience in your business to not only reactively, but also proactively secure and protect all aspects of your business.
- Develop a cybersecurity plan: Developing a comprehensive cybersecurity plan that includes policies and procedures for protecting against cyber attacks can help businesses stay safe from cyber threats.
- Train employees: This one we cannot stress enough. You are only as strong as your weakest employee. Providing training to employees on cybersecurity best practices, such as how to identify and avoid phishing attacks, can help businesses stay safe from cyber threats.
- Use secure networks and devices: In a world of growing hybrid or fully remote workforces, this one remains particularly vulnerable. Ensuring that all networks and devices are secure and regularly updated with the latest security patches can help businesses stay safe from cyber threats on premises. However, for employees who work remotely, you need to ensure they have implemented best practices. Furthermore, when employees travel, it is better to provide them with a 5G dongle than to expect them to use airport Wi-Fi. This is why having a remote work policy is essential.
- Implement two-factor authentication: Two-factor authentication (2FA) adds an extra layer of security by requiring users to provide a second form of authentication in addition to their password. Implementing 2FA can help businesses stay safe from cyber attacks.
- Use encryption: Encrypting sensitive data can help businesses stay safe from cyber attacks, as it makes it difficult for hackers to access or interpret the data.
- Regularly monitor and test systems: Things can change very quickly. Regularly monitoring and testing systems for vulnerabilities can help businesses identify and address any potential cybersecurity weaknesses before they are exploited by hackers.
How Do You Think AI And Machine Learning Will Affect Cybersecurity?
Although artificial intelligence (AI) and machine learning may often seem like a foreign concept, there are so many use cases in our daily lives that we may not even be aware of – and that is the pure genius of AI. In terms of cybersecurity application, here are a few examples I could think of:
- Enhancing security: AI and machine learning can be used to analyse large amounts of data and identify patterns and anomalies that may indicate a cyber threat, thereby enabling businesses to respond to threats more quickly and effectively. A good example is in the financial industry. If a consumer makes a large purchase or transaction that is not part of their usual spending behaviour, especially if the funds are moving to a different country, the fraud department will be alerted and they will contact the client to validate the transaction.
- Improving network security: AI and machine learning can be used to analyse network traffic and identify unusual patterns that may indicate a cyber attack. For example, the AI might see an unusual amount of traffic going to your website from Russia. By being alerted in real-time, businesses are able to shut down any vulnerabilities quicker, thereby minimising potential damage.
- Detecting malware: AI and machine learning can be used to analyse files and identify malware, which can help businesses and organisations stay safe from cyber attacks.
- Enhancing threat intelligence: AI and machine learning can be used to analyse large amounts of data and identify patterns and trends that may indicate a cyber threat. For example, an AI intrusion detection system (IDS) is a type of cybersecurity system that uses AI and machine learning to analyse data from various sources, such as network traffic and system logs, and identifies patterns and anomalies that may indicate a cyber attack. When a potential threat is detected, the AI IDS can alert security personnel and take action to prevent or mitigate the attack.
Do You Think There Will Be A Decline/Increase In Cybersecurity Hacks/Threats?
With technology adoption rates and hybrid/remote work environments on a steady growth path, unfortunately Africa can expect a linear relationship with cyberattacks. However, as the CTO at Deimos, my job is to ensure that the solutions we build are built with a security-first mindset. I also believe that prevention is better than cure, so I ensure that my team supports all our partners’ security with best practice and the most up-to-date security protocols.