Countering cybersecurity risks requires cooperation

JavaScript is disabled!

Please enable JavaScript to read this content.

Abdul Karim Mohammed IT Manager Sub-Saharan Africa at Ipsos. [Courtesy]

Kenya has witnessed rapid technological development over the past two decades, making it the regional Information, Communication, and Technology (ICT) hub. It leads in broadband connectivity, general ICT infrastructure, mobile money, banking, and FinTech services in East Africa.

This growth has brought numerous benefits to the national economy. Millions of jobs have been created in the ICT and digital economy sector, making access to ICT the cornerstone of youth empowerment.

Innovations such as digital payments and e-commerce solutions have enabled creatives to monetize their work, contributing substantially to the Gross Domestic Product (GDP).

While technology has brought many benefits, it also presents challenges. Over-reliance on technology can lead to dependency, where people struggle to perform tasks without technological assistance. With increasing data shared online, privacy has become a significant concern. The more we rely on technology, the more we expose ourselves to cyber threats. It is important to use technology responsibly and be aware of these potential challenges.

Unfortunately, cyberattacks have become increasingly common across the globe, wreaking havoc on businesses of all sizes. The Communications Authority of Kenya (CA) industry report for October to December 2023 reported a 943.01 percent increase in cyber threats, from 123 million in July to September 2023 to 1.29 billion.

Although the report released in March 2024 reported a 24.83 percent decrease in cyber threats from 1.2 billion to 900 million, an increase of 5.75 percent in issued advisories from 8,061,267 during October to December 2023 to 8,524,407 during January to March 2024 suggests a more proactive approach and an increase in the complexity and severity of threats detected.

System vulnerabilities led the attacks with 0.83 billion incidents, followed by malware attacks with 33.18 million, an increase of 151.0 percent, and brute force attacks with 28.0 million, an increase of 189.6 percent. Other attacks included web application attacks with 199,435 incidents, an increase of 174.9 percent, and mobile application attacks with 171,232 incidents, an increase of 224.8 percent.

These statistics highlight the growing online risks that organizations in the country are facing. Globally, the trend in cybersecurity risks is similar. The International Monetary Fund (IMF) experienced a cyber incident on February 16, 2024, compromising 11 IMF email accounts, leading to data leakage and unauthorised access to sensitive internal information.

According to a study conducted last year by Ipsos on the insurance and risk management sector, cyber risk has risen to 2nd place in experts’ overall ranking, up from 3rd in 2022. This concern is shared across regions, with the risk ranking 2nd in Asia and America and 3rd in both Europe and Africa.

The AXA Future Risks Report 2023, released in October, reveals that after pandemics, war, and natural disasters, the next big global risks could be technological, especially with the rapid progress of generative Artificial Intelligence such as ChatGPT.

Groups detected

More people are likely to say that technological advances create more risks than opportunities (50 percent in 2023 vs. 47 percent in 2022).

A report by the American cybersecurity firm CrowdStrike, published in March 2024, reveals that successful cyber-attacks increased by 76 per cent globally last year, with at least 36 new cybercriminal groups detected during the period. The report cites the shutdown of critical infrastructure as a major concern in a context of turbulent geopolitics and ever-deepening reliance on digital devices.

A separate survey carried out in 2022 by Ipsos revealed that one in five bank customers had already been the victim of a phishing attempt (one in three in the United States).

Cyber threats are constantly evolving, becoming more sophisticated and harder to detect. The majority of cyber-attacks are designed to access organisational data, which introduces a significant cyber risk today—data breaches.

Exposing sensitive customer data also puts enterprises at risk of violating data privacy and cybersecurity regulations. The risk exposure from ever-increasing connectivity and the interdependency of systems is a significant challenge, as is the adoption of emerging technologies like quantum computing, AI, 5G networks, and edge computing. These factors have made cyber risks real and significant, leading to a high level of personal fear about the security of bank accounts, social networks, and identity.

Managing these risks requires a strategic approach to cybersecurity, which includes identifying, prioritising, managing, and monitoring risks to information systems.

This process has now become a vital part of broader enterprise risk management efforts, prompting many firms to implement cybersecurity measures to prevent future vulnerabilities in the fast-growing digital world. This increases costs for businesses.

Strengthening the cyber governance regime is crucial in the face of the real risks that cyber attacks pose to businesses and the economy.

It requires strengthening the rule of law in cyberspace. National cybersecurity strategies should therefore be robust and effective.

Countering cybersecurity threats requires a comprehensive and strategic approach. It is a shared responsibility and requires the collective effort of individuals, businesses, and governments, including information sharing, cyber threat intelligence, and vulnerability disclosure.

Kenya must also work with other countries within the region and across the globe to strengthen security measures and foster responsible technological development.

 -The author is the IT Manager Sub-Saharan Africa at Ipsos