Increased cyber security threats cost the economy an approximated Ksh.29.5 billion (USD 295 million) in 2018, a newly-published study shows.
The annual report by the pan-African based cyber-security and business consultancy Serianu is indicative of a notable 39.8 percent increase in cyber-risk associated cost from the incurred Ksh.21.1 billion (USD 210 million) in 2017.
While the year marked an improved rating in cyber-crime awareness for both firms and individuals, the inter-mediating high costs are attributed to panic stations characterized by a dash for cyber-security infrastructure.
This backed by bloated indirect costs which contributed to a notable 70 percent chunk of total costs realised.
“We are in a panic mode. A lot of the investments we see today are panic purchases made as a quick purge to the prevailing challenge,” said Serianu Managing Director William Makatiani.
“You can buy a very good Maserati, but if the road is in a bad shape and not working well, the car is ruined within a few months,” he added.
The analogy by the consultancy’s boss is in response to the observed reaction rather than pro-activeness in tackling the endemic vice.
In spite of millions in infrastructure investing, human capital in the cyber world remains depressed, defined by the mere 1700 cyber professionals in the country against a demand of 10,000 experts.
The shortfall in skills is largely seen in senior and mid-management levels with 60 percent of surveyed companies reporting talent shortages in the cyber-risk mitigation department.
The recruitment of key staffers is consequently constrained by the lack of solid experience in young professionals and hiked remuneration rates for the more accustomed workforce.
The play out leaves the door wide open to potential cyber attacks represented mainly by the spread of malware where banking and financial services have taken in the heaviest bruising from the eventual fall-out.
The report however makes note of the progressive interest by company boards in the mitigation of the cyber threat, complemented by a notable increase in reported and prosecuted occurrences of threats.
The firm managers are however urged to be steadfast in their intervention given the nature of the ever changing threat.
“While the rise in interest is commendable, it is still far too slow to make a real impact. Since most sensible companies have a business continuity plan as part of risk management, it is emerging that several firms are yet to stress-test their plans against emerging and evolving cyber-security threats,” noted Serianu Senior Risk Consultant Nabihah Rishad.
The report highlights on the growth of lethal and targeted malware in 2019, attack replication and increased regulatory requirements urging firms to heed to the concerns to in return; invest in managed cyber-security services and deploy third parties to exploit target organizations.
2018 witnessed an increased level of cyber threat mainly entailed in the breach of financial services including mobile-money accounts and Automated Teller Machines (ATMs).
According to the Communications Authority of Kenya’s National Kenya Computer Incident Response Team & Coordination Centre (National KE-CIRT/CC), the country saw a total of 24.87 million cyber threats across 2018 with the bulk of the attacks taking place in the last quarter of the year.
Despite the sophistication of technology, socially engineered fraud remains integral to the perpetration of cyber-crime activities at both individual and company level.
Kenyan Business Feed is the top Kenyan Business Blog. We share news from Kenya and across the region. To contact us with any alert, please email us to [email protected]