KnowBe4, a provider of one of the world’s largest security awareness training and simulated phishing platforms, has just released its highly anticipated 2024 Security Culture Report for Africa, providing a detailed analysis of the intricate relationship between security practices and employee behaviours within organisations. Drawing insights from surveys conducted across thousands of organisations worldwide, the full report offers a comprehensive five-year comparative view, highlighting significant trends shaping the cybersecurity landscape.
“In its section on Africa, the report reveals that organisations evaluated across 20 African countries exhibit an average security culture score of 72, consistent with the previous year,” said Anna Collard, SVP of Content Strategy & Evangelist for KnowBe4 Africa. “This shows a moderate level of readiness in security culture.”
There are noteworthy variations among sectors and countries, emphasising the necessity for targeted interventions to enhance cybersecurity resilience. “The banking sector in Kenya is a standout performer, boasting an impressive average score of 83, attributed to its steadfast commitment to maintaining mature security cultures supported by robust security operations,” explained Collard. “However, industries such as public services, construction, education and hospitality show lower security culture scores. This shows the importance of developing specific approaches to enhance cybersecurity awareness and practices in these sectors.”
Africa, with its diverse cultural fabric and youthful population projected to dominate the global workforce by 2100, faces escalating cyber-risks amidst rapid technological advancements. Challenges, including limited resources, inadequate cyberawareness and economic constraints, marked the continent’s cybersecurity landscape in 2023.
Kenya (76), Nigeria (75) and Ghana (74) lead the charge in cybersecurity readiness, showcasing robust strategies backed by local governments. Ghana’s significant progress in cybersecurity, evidenced by its climb in the Global Cybersecurity Index, reflects the region’s commitment to cybersecurity excellence.
“With a security culture score of 72, it’s important to address the findings from a separate survey on Generative AI (GenAI) adoption by organisations in South Africa,” added Collard. “That survey identified regulatory gaps and a lack of training in countering AI-generated misinformation, highlighting the need for regulations, training programmes and partnerships to tackle cyberthreats such as deepfakes, especially during the upcoming crucial governmental elections.”
The South African Council for Scientific and Industrial Research (CSIR) expected an increase in cyberattacks targeting important infrastructure and government bodies in the weeks before South Africans go to the polls.
The security culture score is a global measure used to evaluate organisations based on their approach to security, explained Javvad Malik, Lead Security Awareness Advocate at KnowBe4. “This score reflects how much importance different entities worldwide place on cybersecurity within their organisational culture. In today’s interconnected world, where a mobile device in a remote area can access sensitive accounts, working in isolation on security is no longer effective,” added Malik.
“Collaboration between governments and regulators is essential not just for creating laws but also for demonstrating practical ways to strengthen security culture. Organisations need to prioritise the human element of cybersecurity by focusing on continuous awareness and training efforts rather than relying solely on technological solutions.”
Click below to share this article