A white paper published this month has called for a comprehensive and forward-looking agenda for the continent’s approach to cyber-security.
“Africa needs a comprehensive agenda to address its low cyber resilience, deal with the scale of cyber threats, and ensure Africa’s unobstructed leap into the digital economy,” says Rob van Dale, Partner at global management consultancy Kearney.
The paper, “Cybersecurity in Africa: A Call to Action” provides a four-point agenda of concerted efforts that are required to tackle the core of the problem:
- Elevate cybersecurity on the regional policy agenda.
- Secure a sustained commitment to cybersecurity.
- Fortify the ecosystem.
- Build the next wave of cybersecurity capability.
“Cybersecurity programs often take a siloed approach to defending infrastructure, even though vulnerabilities extend across peer companies and vendors, and adversaries plan and execute sophisticated attacks across several targets at once,” says Van Dale.
The African Union (AU) has taken steps to increase collaboration on cybersecurity across the region by establishing the African Union Convention on Cyber Security and Personal Data Protection legal framework. The framework has been signed by 16 out of 55 member countries but only ratified by thirteen.
Such a system, based on the loose collaboration of national agencies and voluntary exchanges, is unlikely to go far enough to safeguard Africa. Therefore, a tighter coordination mechanism is needed.
The paper points to Africa becoming an even bigger and more popular target for cybersecurity threats. Van Dale’s colleague and fellow partner at Kearney, Prashaen Reddy, explains how internet access had grown across Africa and how mobile penetration is forecasted to exceed 90 percent this year.
“Investment in the region’s cybersecurity market is forecasted to grow from $2.5 billion in 2020 to $3.7billion in 2025. Despite this investment it is estimated the region loses more than $3.5 billion annually due to direct cyberattacks, and billions more from missed business opportunities caused by the resulting reputational damage from the attack,” says Reddy.
“A few African countries have already defined their national cybersecurity strategy and implementation road map. However, the pace, urgency, and harmonization of cybersecurity policy thrusts across the rest of the region remain too slow.
“Given varying levels of preparedness and differing national priorities, cybersecurity needs to be prioritized in regional and national policy agendas by elevating cybersecurity to the top of agendas in regional economic dialogue to achieve alignment within the AU,” says Van Dale.
The paper is available for download at this link: https://apo-opa.info/3CBNqQb