Canon’s Africa Frontiers of Innovation panel have placed information security as the key to rapid digital transformation
The panel, hosted by Kenyan broadcast journalist Victoria Rubidari, included Confidence Staveley, award-winning founder of the Cybersafe Foundation, Nigeria; Catherine Muraga, Head of Engineering at Stanbic, Kenya and Quentyn Taylor, Director of Information Security at Canon for Europe, Middle East and Africa.
According to a Forbes' report, cybercrime costs the global economy US$2.9mn every minute hence banks and financial services are a popular target, but individuals, businesses of all sizes and governments are also at risk.
Types of Threats
Cybercrime takes many forms on the continent - malware, ransomware and social engineering are commonplace. According to an IBM report, 51% of attacks are attributed to malicious or criminal actions. These vary from opportunists looking for an ‘open window’ to giant syndicates like Nigeria-based SilverTerrier, which has implemented more than 2.1 million attacks.
Quentyn Taylor, director of information security at Canon for Europe, Middle East and Africa, said, “It’s not one type of person. A few are motivated by the challenge. Most are doing it for the money and exploit any opportunity.”
Staveley, founder of the Cybersafe Foundation, Nigeria, stated, “ Manipulating people to divulge sensitive information, aka social engineering, is the top attack vector in Nigeria. Phishing, using email ‘bait’ to catch people, mobile vishing and smishing via SMS are all used. COVID-19 brought a wave of attacks around relief efforts and vaccines. Opportunity scams take advantage of this instability and people’s desperation for jobs, scholarships and new opportunities.”
Regulation is inconsistent across the continent. “I come from a financial services perspective which is strongly regulated, but many industries are not, from a compliance or regulation perspective,” said Catherine Muraga, head of engineering at Stanbic, Kenya.
Information security and risk management can be expensive; spend has been forecast to grow to over US$150bn worldwide in 2021 by Gartner. There’s also a massive cybersecurity skills gap, estimated at over 100, 000 shortage of qualified professionals on the continent.
Even companies with solid cybersecurity in place can be at risk if their third party service providers are compromised. The often-poorly resourced small business sector in Africa creates openings for criminal activity.
Countermeasures & Developing Cyber-Resilience
Despite the enormous challenges, there are several countermeasures available to prevent attacks and aid recovery. The message is to focus on the basics and plan accordingly. “You will never stop 100% of attacks, you can’t be perfect but you can have a plan,” said Taylor.
You can’t control attacks but you can control how quickly you recover. Agree with how you’ll handle cyber-attacks. Muraga said practice makes perfect. Conduct regular simulations, with different scenarios. Go beyond just the tech, look at who gets called, who deals with customers, who deals with the regulator, get the Board to buy into how you will react and what their role is should a breach occur.
Choose third party service providers that prioritise security like Canon, whose partners benefit from their global expertise and experience in developing secure document and information management systems.
Mai Youssef, corporate communications and marketing services director, Canon CNA, concluded, “Security is one of four key pillars of Canon’s approach. We are proud to have been recognised as the IDCT Marketscape leader in worldwide security solutions and services because our products, services and solutions are developed with security in mind. We are committed to helping keep businesses and their customers safe and were delighted to host this enlightening session.”