cb.web.local

twitteryou tubeacpLinkedIn

Mastercard’s Africa Cyber security Centre of Excellence aims to boost cyber resilience. (Image source: Adobe Stock)

Mastercard has launched its Africa Cybersecurity Center of Excellence, a pan-African initiative aimed at improving cyber resilience, strengthening collaboration and protecting the trust that supports Africa’s rapidly expanding digital economy

The announcement was made during Mastercard CEO Michael Miebach’s visit to South Africa and Nigeria, highlighting the company’s continued commitment to supporting Africa’s digital transformation. Through the new initiative, Mastercard will bring its global cybersecurity expertise and intelligence capabilities to help organisations across the continent prepare for, respond to and recover from increasingly complex cyber threats.

The launch follows commitments made during recent engagements with the Nigerian government in Abuja and the South African government during the G20 meetings held in Johannesburg, with both discussions focused on advancing cybersecurity efforts across Africa.

Cyril Ramaphosa, president of South Africa, said, “We recognise that for digitisation to be inclusive, it must be trusted and secure. Mastercard has long been a trusted partner to South Africa, and its Cybersecurity Centre of Excellence is a welcome step to build on that foundation, drawing on the country’s best and brightest to meet a challenge no government or company can solve alone."

Bola Ahmed Tinubu, GCFR, president of Nigeria, commented, “As Nigeria deepens its digital transformation, secure and trusted systems will be critical to inclusion and growth. We welcome collaborations that strengthen our digital economy and build resilience for the future.”

As digital adoption continues to grow across Africa, cybersecurity has become increasingly important to economic development. The Africa Cybersecurity Center of Excellence has been established to support stronger collective defence by connecting financial institutions, public sector organisations and businesses to share intelligence, improve preparedness, identify threats earlier and strengthen long-term resilience.

Michael Miebach, CEO, Mastercard, said, "Africa is dynamic, fast-growing, and ready to scale its digital future. That won't happen without trust. People don't use what they don't trust. That makes cybersecurity foundational to driving economic resilience and growth across the continent. By doing more to connect public and private sector efforts and share best practices, we can strengthen collective defense and secure a more confident and inclusive digital economy."

Africa’s digital economy is expected to reach US$1.5 trillion by 2030, increasing the need for stronger cybersecurity cooperation. At the same time, cybercrime continues to rise across the continent, causing significant economic losses annually. However, only around 35% of cyber incidents are officially reported, with limited detection capabilities, cyber maturity gaps and reputational concerns contributing to underreporting.

South Africa remains one of Africa’s most targeted markets, accounting for approximately 29% of ransomware attacks and 40% of phishing incidents across the continent. Nigeria also continues to rank among the markets most affected by ransomware and dark-web-related cyber threats.

Led by Mastercard, the multi-year initiative will begin a phased rollout in 2026, starting with South Africa and Nigeria. Through a collaborative model, the Center aims to strengthen cyber preparedness, improve resilience and support safer digital growth across Africa.

Operating as a pan-African platform supported by connected digital capabilities, the Center will provide participating organisations with improved visibility into emerging cyber risks. The initiative will include a first-year ecosystem cyber risk analysis covering up to 50 organisations, as well as access to an Africa-focused threat intelligence feed developed by Recorded Future, a Mastercard company.

By enabling collaboration among chief information security officers (CISOs), business leaders and cybersecurity professionals, the Center will support secure information sharing, joint exercises and coordinated responses to help create a stronger cybersecurity ecosystem across Africa.

The initiative will continue evolving as cybersecurity requirements change, with its activities centred around three key pillars:

Threat intelligence and strategic insights: Providing participating organisations with Africa-focused cybersecurity intelligence, risk assessments and a shared understanding of emerging threats.

Collaboration and knowledge sharing: Connecting CISOs, senior business executives and security teams to improve collective response capabilities and promote cybersecurity best practices across industries.

Readiness and resilience: Helping organisations prepare for future threats through continuous risk monitoring, resilience evaluations and scenario-based exercises designed to improve response and recovery.

The launch of the Africa Cybersecurity Center of Excellence represents another step in Mastercard’s broader commitment to building trust in the digital economy. Since 2018, the company has invested more than US$12.6bn in cybersecurity innovation and supported the launch of more than 20 cybersecurity-focused startups.

The initiative further reflects Mastercard’s transition from a payments network into a technology and cyber intelligence partner, supporting stronger cyber resilience and enabling secure, inclusive and sustainable digital growth across Africa.

By collaborating with governments, financial institutions, businesses and SMEs, Mastercard aims to strengthen the digital foundations required for inclusive economic development and support a more secure and resilient digital future across the continent.

African regulators in Kenya and Ghana are leading the way, strengthening digital asset safety and trust

Over the past decade, financial systems worldwide have become more digitally interconnected than ever. While this connectivity brings convenience and speed, it also opens the door to financial crime

From complex money-laundering networks to cyber-enabled fraud rings, criminal actors exploit gaps in regulation and oversight. As traditional finance evolves, so do opportunities for abuse—and this risk is especially pronounced in the rapidly expanding digital asset space.

Cryptocurrencies and other digital assets promised a more inclusive and efficient financial system. Yet without appropriate safeguards, innovation can inadvertently create new avenues for exploitation. Over recent years, financial crime has grown alongside the digital economy. According to Chainalysis, by July 2025, over US$2.17bn was reported stolen from cryptocurrency services. But these numbers reflect real human consequences: small businesses locked out of working capital due to crypto scams, families losing savings to impersonation schemes, and young founders forced to shutter promising ventures after a single fraud incident drained their liquidity. Financial crime in digital assets is not abstract—it is personal, and often irreversible.

Criminals increasingly leverage digital currencies via darknet markets, ransomware demands, and other schemes, exploiting weak oversight, insufficient identity verification, and gaps in enforcement. That’s why anti-money-laundering (AML) and counter-terrorist financing (CTF) controls aren’t bureaucratic checkboxes—they are foundational infrastructure for a functioning financial system. Regulation is not a “nice-to-have”; it is the safeguard that separates legitimate innovation from systemic risk.

The Risk Landscape Sharpens as Digital Assets Grow

Without clear rules, digital assets have often been described as the Wild West of finance: a frontier of opportunity with minimal accountability. While stories of lost wallets and exchange hacks capture headlines, the deeper issue is systemic: when markets operate without enforceable standards for transparency and oversight, bad actors thrive.

Digital assets can drive economic inclusion, particularly in emerging markets across Africa. But that potential is limited if fear of fraud, theft, or criminal misuse overshadows the benefits. Regulation that prioritises financial safety protects consumers and strengthens trust—a prerequisite for widespread adoption.

Regulatory Momentum: Kenya and Ghana Take a Stand

Recognising these risks, several African countries have moved beyond debate and implemented decisive measures. Kenya and Ghana stand out as leaders, enacting comprehensive digital asset regulatory frameworks in 2025. At a time when many developed markets still struggle to balance innovation with enforcement, African regulators are showing that clarity is achievable. These frameworks are deliberate, consultative, and designed for sustainable market growth.

In Kenya, the Virtual Asset Service Providers Bill, formalised in November 2025, made the country one of the first in the region to clearly define licensing, compliance expectations, and supervisory oversight for Virtual Asset Service Providers (VASPs). Yellow Card’s team contributed significant input to ensure the law supports innovation while enforcing robust AML and CTF safeguards.

Similarly, Ghana’s Virtual Asset Service Providers Bill, 2025, which received presidential assent in December 2025, marked a historic milestone. For years, Ghana’s digital asset market had operated in a gray area, widely used but legally uncertain. With the VASP Bill, cryptocurrency activities are now formally legalised and regulated. Oversight responsibilities are distributed across the central bank, securities regulator, and financial intelligence unit, ensuring identity verification, transaction monitoring, and illicit flow prevention. These laws do more than confer legitimacy—they protect individuals, businesses, and the broader financial system.

Why Regulation Matters: Financial Safety and Security Aren’t Optional

Financial crime is not merely a compliance concern for multinational corporations; it is a real threat affecting individuals, firms, and economies. Fraud and money laundering erode consumer confidence, divert capital from productive use, and distort markets. In the digital asset sector, unregulated exchanges and opaque operations exacerbate these risks.

Regulatory frameworks like those in Kenya and Ghana create a “safe zone,” where innovation can flourish under clear standards. Mandatory Know-Your-Customer (KYC) protocols verify identities. AML and CFT processes detect and deter illicit flows. Coordinated oversight enables regulators and operators to combine on-chain analytics with traditional compliance tools, identifying suspicious activity in real time.

A Global Operator’s Perspective: Yellow Card’s Commitment to Safety

At Yellow Card, we operate in 34 markets, with a presence in 20 African countries and strategic relationships across Europe and the US. This global footprint exposes us to some of the world’s most sophisticated regulatory regimes. We view financial safety and security not as optional, but as prerequisites for responsible, scalable operations.

We have implemented robust risk and financial crime programmes, including advanced identity verification, transaction monitoring, and real-time risk scoring. These systems are deployed daily to protect users and reinforce trust in the digital economy.

The Future Depends on Safe, Secure, Accountable Markets

As digital assets integrate further with traditional finance and everyday commerce, the stakes for financial integrity will rise. Jurisdictions that act decisively with transparent, enforceable regulations and international cooperation will unlock broader economic potential. Those that delay risk stagnation and uncertainty. Policymakers must focus not on whether to regulate digital assets, but on how swiftly and effectively. Clear rules today prevent crises tomorrow.

Regulation that confronts financial crime does not stifle innovation—it enables it by eliminating fear and building trust. For Ghana, Kenya, and other forward-thinking nations, the message is clear: the future of finance must be safe to be sustainable. When safety is non-negotiable, everyone benefits—consumers, businesses, and the economy at large.

Integrity360 acquires Redshift in South Africa, boosting cybersecurity services, expertise, and regional expansion

Integrity360, continuing its global growth strategy and dedication to Africa, has acquired Redshift, a respected Johannesburg-based cybersecurity services firm. Financial details of the deal were not disclosed

This move follows Integrity360’s earlier regional investments, including the 2024 and early 2025 acquisitions of the Grove Group and Nclose.

The acquisition expands Integrity360’s South African presence to a team of over 230 employees serving clients across the continent. Its Johannesburg and Cape Town operations also function as key hubs for the group’s integrated global Security Operations Centre (SOC), delivering a full suite of managed services, including EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), and MDR (Managed Detection and Response) solutions to both local and international clients.

Founded in 2015, Redshift has earned a strong reputation for excellence in cybersecurity testing and other specialized services, such as cybercrime investigations, anti-fraud advisory, scammer group takedowns, cyber intelligence, and managed services. Redshift adds approximately 50 customers, including leading South African finance, banking, and telecommunications organisations, and around 40 additional employees to the Integrity360 group.

Redshift will serve as a regional centre of excellence for cybersecurity testing and integrate closely with Integrity360’s existing advisory and managed services teams. Integrity360 plans to invest in expanding the business by leveraging the group’s extensive resources.

Redshift clients will gain access to Integrity360’s comprehensive cybersecurity portfolio, encompassing cyber risk and assurance, 24/7 incident response and forensics, infrastructure and technology services, PCI compliance, operational technology consulting, and a full range of managed services, including Managed SASE (Secure Access Service Edge), Managed CTEM (Continuous Threat Exposure Management), and advanced XDR/MDR solutions. Integrity360 has been recognised five times in Gartner market guides, most recently for Incident Response and Forensic services.

Ian Brown, executive chairman at Integrity360, said, “We are very excited to be welcoming Sean, Cailan and the entire Redshift team to Integrity360. The reputation and expertise they have developed since their formation in 2015 is highly impressive and we are looking forward to helping them provide an enhanced set of services to their customers and expanding further in the African market over the coming years.”

Sean Howell and Cailan Sacks, directors of Redshift, added, “This is a significant moment for us, and we could not be more delighted that Redshift is joining Integrity360 and continuing the growth and development of the business that was initially started by Sean a decade ago. Thanks to the support of our customers and employees, Redshift has grown enormously during that time, and having spent considerable time with Ian, and the wider Integrity360 leadership team, we are confident will continue to do so being part of the Integrity360 group. We are excited about the future for us as an organisation, for our people and in particular for what the enhanced group can provide our customers moving forward.”

ASM strategies to protect digital assets

Attack surface management (ASM) has seen significant growth in recent years, evolving into a recognised market category that provides businesses with the visibility and strategies needed to safeguard their digital assets, reports Kyle Pillay, security as a service manager at Datacentrix

As Forrester’s Attack Surface Management Solutions Landscape, Q2 2024 notes, ASM “delivers insights on assets that ultimately support business objectives, keep the lights on, generate revenue, and delight customers.”

At its essence, ASM involves continuously discovering, identifying, inventorying, and assessing the exposures of an organisation’s IT asset estate, a foundational step in maintaining a strong security posture.

Knowing your environment

Fundamentally, ASM helps organisations ‘know your environment’, highlighting gaps in defenses before attackers can exploit them.

Every threat actor or hacker begins with reconnaissance, mapping out your external-facing assets. This is why External Attack Surface Management (EASM) exists: it concentrates on what attackers can see. Without viewing your environment through this external lens, organisations cannot know which access points are visible or exploitable, leaving them unable to proactively detect or prevent threats before incidents occur.

First steps in protecting your attack surface

The first step in ASM is identifying external-facing touchpoints such as public IPs and domains. For instance, you might recognise your primary domain (e.g., mydomain.co.za), but visibility into similar domains, like mydomain.com, mydomain.net, mydomain.tech, or mydomain.ac.za, is also crucial. These can be targeted for domain squatting or cybersquatting, where attackers exploit similar names to mislead users and enable phishing attacks.

A strong ASM solution not only maps your current footprint but also identifies domains worth securing before malicious actors register them.

If a deceptive domain is registered, like mydomain-tech.co.za, you need an effective takedown process. International domain takedowns can be complex, requiring a partner capable of legally liaising with registrars across jurisdictions. With the right procedures and partnerships, such domains can often be removed within four to eight hours, limiting potential damage.

Keeping pace with today’s infrastructure

One of ASM’s biggest challenges is keeping up with the rapid growth and sprawl of modern IT environments. While multiple tools exist, none fully match the speed of change, even as vendors iterate frequently, often in weekly development sprints, to maintain relevant detection capabilities.

Beyond speed, perspective matters. While an organisation may have visibility from one viewpoint, attackers do not limit themselves to a single angle. To defend effectively against modern threats, you need to view your environment as attackers do and understand vulnerabilities exploitable from within. This is where distinguishing between external and internal ASM becomes crucial.

External ASM (EASM) focuses on publicly exposed digital assets, whereas internal ASM addresses vulnerabilities inside the network. Internal ASM uses network exposure activity tools to simulate real-world attack techniques, often following frameworks like MITRE ATT&CK, to identify weaknesses from the inside. These simulations test whether known attack methods bypass security controls, whether sensitive data can be exfiltrated, whether passwords are weak or compromised, and if lateral movement within the network is possible.

Combining internal and external ASM provides a more accurate view of your security posture, allowing organisations to close gaps before exploitation.

Making the business case for ASM

Cost is often a concern with ASM investments, but when weighed against the reputational and financial impact of a breach, or the risk of sensitive data appearing on the dark web, the case for prevention is clear.

The reality is simple. Without a combination of internal and external ASM, organisations remain essentially blind to vulnerabilities. The ability to identify, monitor, and remediate gaps before adversaries exploit them has become a business imperative.

MultiChoice strengthens Africa’s digital ecosystem, protecting creative content and customer data through advanced cybersecurity solutions

Cybersecurity has evolved from a technical necessity to a core pillar of trust, business continuity, and safe digital experiences

For MultiChoice, Africa’s leading video entertainment company, protecting both customer data and the creative works at the heart of its business is a top priority. In an increasingly connected environment, threats such as phishing, ransomware, and piracy continually evolve, posing risks not only to corporate systems but also to the creative content that drives Africa’s entertainment economy.

To address these challenges, MultiChoice invests heavily in advanced cybersecurity systems, global best practices, and strategic partnerships. The company’s dedicated cybersecurity and information security teams monitor digital threats around the clock, ensuring data integrity and maintaining a secure environment for millions of customers across the continent. These efforts demonstrate that cybersecurity is not just about defending networks; it is also about protecting intellectual property and the creative output that fuels Africa’s storytelling industry.

A major area of focus for MultiChoice is combating piracy, one of the most persistent threats to the sustainability of local content. Piracy undermines creators, producers, and investors by depriving them of rightful earnings. To tackle this, MultiChoice has partnered with global leader Irdeto, a specialist in digital platform cybersecurity. Together, they have developed cutting-edge anti-piracy technologies capable of detecting, disrupting, and removing illegal content distribution networks in real time.

Beyond technology, MultiChoice collaborates closely with law enforcement to bring perpetrators to justice. Several operations have successfully dismantled piracy syndicates, leading to arrests and reinforcing the company’s commitment to defending Africa’s creative economy. Through these measures, MultiChoice is setting a benchmark for content protection across the continent, safeguarding intellectual property while supporting the growth of local creative industries.

Cybersecurity Awareness Month serves as a timely reminder that protecting digital assets, whether personal data or creative content, is a shared responsibility. MultiChoice continues to champion this mission by fostering a culture of awareness, innovation, and collaboration. By integrating advanced cybersecurity technologies, partnering with global experts, and actively supporting law enforcement efforts, the company ensures that African creativity is both respected and secure.

MultiChoice’s ongoing initiatives, from monitoring threats to combating piracy, reflect a broader mission: “to create a secure, trusted, and sustainable digital ecosystem where African creativity can thrive.” In doing so, the company not only protects its platforms and customers but also empowers the continent’s creative industry, ensuring that local storytellers, producers, and innovators can flourish in a safe and resilient digital environment.

More Articles …