Cyber strategy in Africa is more mature than ever before, with nearly three-quarters (74%) of Africa’s large companies saying they have a relatively mature approach to privacy and cyber security.
In addition, 75% of companies said their strategies were either regularly refreshed or had been built in alignment with their threat profile with measurable KPIs.
Furthermore, 61% of African entities have implemented a clear data protection/governance approach, and 80% report the establishment of robust frameworks and well-defined strategies to mitigate security and privacy risks.
These were some of the findings of KPMG Africa’s Cyber Security Outlook 2022 survey which unpacks the state of cyber security across the continent.
According to KPMG, the report highlights that the cyber landscape in Africa is highly dynamic and rapidly evolving – fuelled by widespread digitisation and matched by adequate investments in protecting assets and data from cyber threats.
John Anyanwu, partner and head of cyber security at KPMG Nigeria & Africa, says while the continent faces many challenges, including poverty and political conflicts, multiple economies in the region have shown tremendous growth.
“A number of countries are demonstrating rapid post-pandemic recovery with increased consumption and adoption of digital technologies at grassroots level.”
The survey identified key areas of focus for Africa, namely the integration of cyber security into core business strategy; more robust and risk focused regulation; proactive threat identification and defence; and a focus on the cyber talent pool.
Marcelo Vieira, partner and head of cyber security for KPMG South Africa, says this demonstrates the efforts made by business leaders in Africa to secure the processing of data across the expanding digital landscape. “As organisations undergo digital transformation, it is crucial that they envision data protection and privacy as a key strategic component and we are starting to see a massive shift across the African continent.”
The report also revealed that entities in Africa with a global footprint have achieved greater clarity in terms of strategic cyber security direction compared with those operating solely within Africa.
Similarly, those that operate across multiple regions in Africa have established clearly defined frameworks and strategies compared to organisations with a presence in only one country.