JOHANNESBURG, South Africa, November 19, 2020/ -- Key findings: - The 2020 KnowBe4 (www.KnowBe4.com)
African Report based on their “What keeps you up at night?” survey,
reveals a landscape with some shared concerns, but many divergent ones
as well.
- Ransomware, malware and phishing are generally seen as threats, though this changes considerably at a granular level.
- The
compliance priorities between Nigeria, Kenya and South Africa are very
different, though they all focus extensively on data privacy, financial
and international compliance.
- Remote
workers are a leading concern among Nigerian and South African
organisations, while 50% of Kenyan organisations are very concerned
about negligent insiders.
As
is often said, Africa is not a country – and few things bring this fact
home more than KnowBe4's African edition of its annual What Keeps You up at Night Report.
The 2020 edition, now available, conducted surveys in 18 African
countries, asking more than 500 organisations about their concerns
across a variety of security topics.
Additionally, the report
provides specific survey details on the three Sub-Saharan giants: Kenya,
Nigeria and South Africa. These snapshots are surprising in their
variations as well as overlaps – what concerns one of the economic
powerhouses is not necessarily a priority for the others, and it's an
eye-opener around Africa's diverse security challenges.
"It's a
known fact that African countries and organisations are being targeted
more actively by cybercriminals, to the level that it's one of the
fastest-growing regions in terms of cybercrime," said Anna Collard, SVP
of Content Strategy and Evangelist KnowBe4 Africa. "But when you get
down to the specifics, the differences between the survey's continental
averages and its three biggest Sub-Saharan economies are quite
striking."
The three respective appendices of the report make for
captivating reading. Spread across six main categories – cyber threats,
compliance security, security initiatives, users, resources, and
executive issues – here is a snapshot for each country:
Kenya
In
general, Kenya is split on the priorities of security threats such as
phishing and ransomware. On average, at least half of organisations
don't regard these and other threats as more than somewhat concerning –
considerably lower than the continental totals. But that also means that
the other half of the organisations rank such threats as very
concerning, with 31% saying they are kept awake at night by the
possibility of business email compromise.
Kenya's concerns over
security initiatives mirror the continent's worries – 46% are kept
awake at night about security awareness training and supply chain
security, respectively. In contrast, the country is not as concerned
about different user security issues – African averages lean more
towards extreme concerns, yet Kenya's focus tends to split between
somewhat and very concerned.
Nigeria
Nigeria
is the clear outlier in security matters, taking some very different
views on what to be concerned about. On the one hand, no country is more
worried about ransomware: 59% of Nigerian companies say this keeps them
up at night, though 40% are only somewhat concerned. Malware attracts a
similar split. Yet 74% of Nigerian companies are only somewhat
concerned about data breaches.
They are not worried much about
security initiatives. Only multi-factor authentication truly keeps them
awake at night (74%), with the next massive concern, identity
management, sits at 27%. Here's the kicker: 89% of organisations there
are not at all concerned about security awareness training. When user
risks do surface, two types of users solicit similar levels of security
concerns – remote workers (67%) and negligent workers (41%).
Eighty-seven percent of Nigerian companies are somewhat concerned about
malicious insiders, and 69% about password sharing.
South Africa
Attitudes
in South Africa align closely with the continent's averages, though
there are some differences. While other countries tend to worry most
about ransomware, South African organisations rank phishing as extremely
(46%) and very (35%) concerning. Malware and business email compromise
reflect similar levels of worry – and though ransomware is lower than
these categories, at 50%, it's the threat keeping most businesses awake
at night.
South African views around security initiatives almost
mirror those of Kenya: 46% are extremely concerned about security
awareness training and supply chain security. Thirty-eight percent are
also being kept awake by privileged access management, incident
response, securing the cloud, and multi-factor authentication. Remote
workers keep 57% of South African companies up at night, while negligent
insiders (44%) and users sharing passwords (41%) are not far behind. |
No comments :
Post a Comment