The rise of cyber attacks in the region can be attributed to a shortage of experts to tackle sophisticated cyber crimes.
According to the Cisco Annual Cybersecurity Report, 2017, organisations are having perennial challenges fighting cyber-crimes because they are not investing enough funds to contain cyber-attacks.
Small or medium enterprises in East Africa have at least one or two of their systems fully exposed on the Internet, with the internal staff unaware of the vulnerability.
The majority of organisations spend less than Sh500,000 annually on cyber security while some have no budget at all and do not train their staff in cyber security.
Cisco Security analyst for Africa Terry Greer King said organisations can reduce their exposure to attacks by separating information technology and security functions.
“Organisations are making their security departments increasingly complex, with most organisations using from six to more than 50 security products, increasing the potential for gaps in security effectiveness,” said Mr King.
According to analysts, most organisations in Africa are ill prepared to deal with information security threats. Accordingly, cybercrime has evolved from individual attacks to organisational ones, with the widest spread form of threats being ransomware − a type of software designed to block a person’s access to their computer system until a certain sum of money is paid.
Global financial consulting firm Deloitte, in a report, attributed the high rates of cybercrime to low awareness of threats among local businesses as well as a lack of investment in cyber security.
In another report, IT security firm Serianu Kenya’sfinancial institutions with Kenya lost Sh17 billion to cyber criminals, Tanzania Sh8.5 billion and Ugandan companies Sh3.5 billion in the year 2016. (East African)