In a landscape dominated by mobile transactions and connections, fewer than 30% of individuals say they are “very concerned” about cybercrime. However, the risk of crypto scams, social engineering attacks, ransomware and phishing remains consistently high.
This was revealed in a recent report dubbed Cybersecurity & Awareness Report 2023 by KnowBe4, which was unpacked during a recent interview with TechCentral’s TCS+ technology show.
Senior vice president for content strategy and evangelist at KnowBe4 Africa Anna Collard delved into the findings of the report, which provided a comprehensive view of the African cyber landscape and users’ perception of threats by examining key metrics around cybersecurity and awareness.
The report was based on insights from 800 respondents across South Africa, Botswana, Egypt, Ghana, Kenya, Morocco, Mauritius and Nigeria.
Discussing the complexity of businesses’ and individuals’ use of the internet, it emerged that life skills are required to navigate different channels, such as WhatsApp, while context-switching between personal and business-related conversations.
Unfortunately, cybercriminals are aware of this distraction and are constantly developing new ways to manipulate users’ distractibility.
According to Collard, a priority was looking at digital device use, digital skills and connectivity to understand fully how devices are used, the perception of risk, as well as the applications most used on these devices.
In Africa, WhatsApp is used extensively for work, more so than in other developed countries. However, there is a lack of corporate advice and awareness around the associated risks. This highlights the importance of ensuring that users understand the risks and know how to use the platform safely.
Cybersecurity awareness also remains low on the continent, with the initial baseline phishing security test results at an average of 31%, meaning one in every three employees is likely to click on a suspicious link or e-mail, or comply with a fraudulent request.
The report also found that distractions and multitasking (38%) and lack of awareness or training (52%) are the primary reasons for staff members making security mistakes.
The report also shone the spotlight on how many are unable to identify common cybersecurity threats like ransomware (43%). Luckily, the majority (60%) understand what two-factor authentication is and 62% could identify a good password.
A major concern was that one in five considered “P@$$word!” to be a secure password.
Collard said it is also key to understand how users experienced different types of cybercrime. The research discovered that just over a third (34%) believed they could recognise a security incident if they saw one.
However, 26% admitted to clicking on a phishing e-mail, 51% have had a virus infection, and 32% have lost money to a scam or con artist, which belied that assertion. Unfortunately, people are still too quick to click on links or attachments from people or brands they think are familiar to them.
Ultimately, it became painfully clear during the discussion that African businesses and internet users remain uninformed about how to mitigate cyber threats, which leaves them vulnerable. Collard stressed the need for cybersecurity training and awareness programmes.