The African Challenge post pandemic: Cybersecurity Awareness on the Continent

That is The challenge of the platform well-known, KnowBe4 launch to Africa. The team release the African Cyberthreat Report is focused on key metrics around cybersecurity awaress and behaviours to gain a holistic view of the continent’s cyber stance and how users perceived the treats.


Collating insights from 763 respondents across South Africa, Botswana, Egypt, Ghana, Kenya, Morocco, Mauritius and Nigeria, the report highlights some of the gaps that remains in security awareness in spite of the risks posed by the pandemic and the evolution of hybrid working frameworks.

The team of the platform revealed that the pandemic is still playing a major role in influencing working behaviours and patterns. Only 38% of respondents have returned to their offices or are accessing the internet from their office network, while 55% continue to work from home; 32% of respondents were affected by cybercrime while working from home, and one-third (33%) of the attacks were social engineering; The number of people concerned about cybercrime has risen to 72%.

Anna Collard, SVP Content Strategy & Evangelist KnowBe4 Africa said

The pandemic remains a central issue for most users when it comes to how they plan to work and live in the future,” “This year, nearly 55% plan to continue working from home. Respondents are increasingly concerned about the risk of cybercrime at 72%, however, the trend this year has been an increase in overall security confidence, which is not necessarily earned. People think they know more than they do and this is causing issues.

According to Knowbe4, people, in their personal live, are still taking unnecessary risks, in spite of their growing awareness and understanding of cybercrime. For instance,around 10% are very likely to share their personal information. Only 54% will trust an email from someone they know, even though 36% have fallen for a phishing email and 55% have had a malware infection. In a conclusion, these numbers are up from 2020, and are compounded by the fact that most users believe that they can confidently identify a security incident (44%) but only 46% could accurately identify ransomware — a small drop from 2020 at 47%.

For any company, when it has become critical they train employees around security best practices and the various methodologies used by the cybercriminal. This situation concerns more than 30% of users who do not know what two-factor authentication is, 40% are not using a secure password — 20% believed that P@$$word! was a strong password — and yet 63% use their mobile devices to do payments or banking. They are putting themselves at risk with poor password hygiene and limited security controls.

Mrs Collard added to this analysis:

Email remains one of the biggest security threats, People are still very trusting of emails they have received from people they know (54%, up 2% from 2020), even though those email accounts could have been impersonated or hacked. There is definite need to educate people around the rising social engineering threats around emails, social media, chat apps and the phone (vishing). On the other side, for company, it has become critical that they train employees around security best practices and the various methodologies used by the cybercriminal,” concludes Collard. “People need more help in learning about how to stay safe online at home, the office and on the road. Perhaps the worst mistake is that they believe they are security smart and can identify the risks, when they actually cannot. This is putting both them and their company at risk.

The report found that while people are paying more attention to security, they are still falling prey to scams and attacks that they could have avoided. From social engineering to investment scams, the threats are gaining ground. Considering that around 34% have lost money because they fell victim to a scam, and 26% have experienced a social engineering attack over the phone, it is clear that cybercriminals remain determined to use any means necessary to catch people unaware.

Building a security culture, or in other words, strengthening the human defence layer and making them aware of how to detect and prevent social engineering attacks is a crucial element in organisational cybersecurity posture, especially as many people continue to work from home.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hafida B

Hafida B

Journalist-writer, I do love photography for some events. I buy photos and content English/FR.