Read this quarter’s Intermedia here

BLOG

Africa needs investment in its cyber defences

09.07.2020
Share this

The Covid pandemic has exposed the vulnerabilities in the region’s infrastructure

When the coronavirus pandemic struck early this year, authorities around the world braced for an expected rise in cyber-attacks. It turned out that, in most countries, there was no significant increase, although the types of attack changed. But in Africa, cyber-attacks of all sorts spiked dramatically. The targets included government, healthcare, telecoms, banks and the users themselves. In education, institutions mostly didn’t have the necessary security applications for the large number of online classes, and lacked a basic understanding of the risks. Mobile money was especially hard hit. It is big business in Africa, and the way in which it allows the easy transfer of money, mobile to mobile and mobile to bank, makes it vulnerable. Assessments by the region’s CSERTs1 showed that social engineering type attacks, such as phishing, were the most common largely because of the lack of awareness among users.

Governments across the region are working with regulators and operators to try and push the awareness message. Initiatives include the setting up of sectoral cybersecurity teams, to co-ordinate responses among operators, and campaigns involving messages sent to users phones have become widespread. Telecoms companies have also launched a comprehensive programme including threat detection, preventive measures and increasing awareness among employees in areas such as phishing and social engineering.

Across Africa, most governments already have a cybersecurity strategy, but not the funds for implementation. Currently only about 60% of countries in Africa have their own national CERT. Most are now developing them, and my organisation, ADCRO, has run capacity-building workshops for these countries with help from the African Union, ECOWAS, UK Foreign & Commonwealth Office (FCO) and the US. However, funding remains a major obstacle.

A dedicated source of funding is needed to boost cybersecurity in Africa. In this era of the global COVID-19 Pandemic, permanent and sufficient funding needs to be secured to combat the rise in cyber-crime and cybersecurity related attacks in Africa. Without financial commitment our entire governance, financial, and educational system among others will grind to a halt.

Funding should come from both international and local sources. In the past years and more particularly in 2019, the African Region has received international funding support for cybersecurity capacity building from several United Nations Agencies, the EU, Council of Europe, UK Foreign and Commonwealth Office (FCO), the Hague and the USA, amongst others. It is expected that cybersecurity funding support from these international sources will increase to meet the spike in cybersecurity challenges of the region.

In terms of local funding, AU and Ecowas should make available funding to support African Governments in developing and implementing their National Cybersecurity Strategy to protect their critical national infrastructure, cyber borders and citizens.

African governments themselves need to have dedicated budget allocations to support their fight against the increasing cyber-attacks in their respective countries, and some are doing this. Nigeria has introduced a levy on electronic transactions to fund their cyber-security initiatives. Ghana has introduced communications services tax to support its cybersecurity agenda. Togo has also established a sovereign cyber-security fund with contribution from telecommunication service operators, based on their annual turnover.

The scale of the task means that funding will be needed at every level – international, regional, national and local. If this investment can be found and sustained, then a more secure network, resilient infrastructure and better informed citizens will be a positive outcome to the Covid-19 pandemic.


1 Computer / Security Emergency Response Teams

Comments are closed.

Africa needs investment in its cyber defences: the Covid pandemic has exposed the vulnerabilities in the region’s infrastructure.

Theme:
Privacy, Safety, Security
Region:
Middle East & Africa
Africa, covid-19, cybersecurity Kenneth Adu-Amanfoh Kenneth Adu-Amanfoh Chief Executive, Africa Cybersecurity and Digital Rights Organization (ACDRO)
You may also like... Blog
Regulatory Watch – December 2024 10.12.2024
Blog
Regulatory Watch – November 2024 26.11.2024
Blog
Regulatory Watch – October 2024 22.10.2024

Latest

Publication
North America Forum 2024, Washington D.C. – December 2024 15.01.2025
Publication
International Regulators Forum – November 2024 13.01.2025
Publication
Annual Conference – November 2024 02.01.2025
Publication
Small Nations Regulators Forum (SNRF) – November 2024 27.12.2024
View All
Back to the top

The IIC is the world's only policy debating platform for the converged communications industry

We give innovators and regulators a forum in which to explore, debate and agree the best policies and regulatory frameworks for widest societal benefit.

Insight: Exchange: Influence

We give members a voice through conferences, symposiums and private meetings, as well as broad exposure of their differing viewpoints through articles, reports and interviews.

The new website will make it easier for you to gather fresh insights, exchange views with others and have a voice in the debate

Take a look Learn more about our updates
Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The International Institute of Communications website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.