Cybersecurity in Africa: The challenges and solutions

Issue 1 2023 Training & Education, Information Security

Conrad Steyn.

Africa faces a significant challenge when it comes to the availability and distribution of cybersecurity talent and secure IT infrastructures. This is important because as the continent continues to undergo digital transformation, the need for security becomes more apparent. We have seen too many enterprises globally suffer from attacks that cost money or bring essential services to a halt. Something needs to change.

Facing this challenge, as well as new business circumstances that influence how we build and maintain our IT systems, we need to understand how we got here, how the world has changed, how people are working, and the various ways we can work together to instil change and nurture the next generation of security graduates and professionals.

Many attackers, few defenders

Africa has a shortage of required security skills. According to the 2022 Africa Cyber Security Outlook survey by KPMG, nearly two out of three responding enterprises reported having trouble recruiting and retaining qualified cyber professionals. This is amidst a surge in cybersecurity across all sectors, to the point that there are an estimated three-million cybersecurity job vacancies globally, which is expected to grow to 10 million in the near future.

What elevates the severity of this shortage is the fact that cyber attackers and malicious actors continue to set their sights on Africa. Interpol’s Africa Cyberthreat Assessment Report shows that the agency’s partner company, Trend Micro, recorded more than 679 million email threat detections, 8.2 million file threat detections, and 14.3 million web threat detections between January 2020 and February 2021. At the same time, the report found over 90% of businesses operate without proper security protocols. From online scams and phishing to ransomware, data-harvesting and disrupting malware, attackers are doing everything to exploit the vulnerability of organisations’ networks, applications, and users across the continent.

Setbacks and growing trends

Made up of countries with unique legislative and technical complexities, Africa is held back by limited investment. While there is definite progress in countries such as South Africa, Kenya, Egypt and Nigeria, in terms of attracting investment, the rollout creates inequities and places these nations ahead of others. Though also continually growing, the still limited number of data centres impacts the continent’s overall level of data residency and retention.

Meanwhile, next to all the opportunities it creates, remote and hybrid working has introduced new challenges to organisations devising the ideal security strategy. As more and more employees work from different locations and become more reliant on software as a service (SaaS) applications, the security perimeter expands, and existing gaps widen. Cyber attackers are cognisant of this, and as such, organisations need to take extra steps to protect their networks.

Education and other solutions

When it comes to education, collaboration is the answer. For instance, managed services and security vendors are collaborating with crucial learning institutions to introduce and offer ICT-based curriculums that cater to employment in the digital age, and uplift graduates with the skills they need to excel. Vendors themselves offer online training and certification of their specific products and systems, so that when exploring the job market, graduates have a firm grip on the tools and resources that company’s worldwide use to build and secure their infrastructure.

The Cisco Networking Academy provides IT, networking, and cybersecurity skills that translate into real-world opportunities. Having just celebrated its 25th anniversary, the academy has provided training to more than a million people across sub-Saharan Africa. With hundreds of thousands of students spread across African countries, including South Africa, Kenya, and Nigeria, the academy plays a vital role in upskilling young Africans, promoting economic and employment growth and enabling participation in the global digital economy.

Since the introduction of the academy in sub-Saharan Africa, more than 1.07 million people have been trained and upskilled. During Cisco’s 2022 fiscal year alone, more than 345 000 people were enrolled in Cisco Networking Academy courses, across 50 countries in the region. The 2022 cohort also shows that the Networking Academy is making significant progress towards the meaningful inclusion and upliftment of women in the technology industry. In South Africa, 61% of the current intake of 82 219 students are female.

Additionally, The Cisco EDGE (Experience, Design, Go-to-Market, Earn) Incubation Centre concept in Africa is a great example of a local, grassroots initiative that aims to share business knowledge, speed up entry to market and, ultimately, create new jobs for the local economy.

In light of the shortage challenge, managed service offerings that cover network, cloud, and endpoint security, as well as fully staffed security operation centres (SOCs), are becoming more popular with organisations. Cisco Edge launched a cybersecurity specialisation cohort across South Africa. This certified 11 small, medium, and micro enterprises as Cisco Express Security partners.

Not every organisation has dedicated security teams or the expertise to deal with today’s evolving cyber threats. Therefore, these partnerships are crucial to help protect and future-proof businesses adequately.

Africa's digital transformation can be accelerated through strategic partnerships between sectors and industry players, regulatory and standardised procedures, and prioritising skills development. We can shape it into a bastion of cybersecurity in the digital age and retain industry-leading professionals and systems that take us into the future and beyond.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Tips and tools for trade businesses
News & Events Training & Education
ServCraft brings together trade industry associations and corporations to launch blox, a digital content platform and community impacting lives, businesses and industries across hundreds of thousands of trade business SMEs.

AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Milestone Systems joins CVE programme
Milestone Systems News & Events Information Security
Milestone Systems has partnered with the Common Vulnerability and Exposures (CVE) Programme as a CVE Numbering Authority (CNA), to assist the programme to find, describe, and catalogue known cybersecurity issues.

Africa Online Safety Platform launched in SA
Training & Education News & Events
Impact Amplifier, with the financial support of, launched its African Online Safety Platform (AOSP), a platform providing a rich repository of research, education content, funding opportunities and ways to seek help after an online crime.

Access & identity expectations for 2024
Technews Publishing IDEMIA ZKTeco Gallagher Salto Systems Africa Regal Distributors SA Reditron Editor's Choice Access Control & Identity Management Information Security AI & Data Analytics
What does 2024 have in store for the access and identity industry? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year.

Zero Trust and user fatigue
Access Control & Identity Management Information Security
Paul Meyer, Security Solutions Executive, iOCO OpenText, says implementing Zero Trust and enforcing it can create user fatigue, which only leads to carelessness and a couldn’t care attitude.