We need to pay more attention to increasing cyber threats

An American author, Richard Clark once said, “If you spend more on coffee than on IT security you will be hacked. What is more, you deserve to be hacked.”

In today’s interconnected world, the digital landscape has become an inevitable part of people’s daily lives. Furthermore, the increased cybercrime against insufficient cyber security skill sets calls for an urgent need to bridge the skill gap in the country.

For instance, in Kenya today, there are only 1,700 certified cybercrime professionals, according to the Computer Society of Kenya, against thousands of businesses that have a digital presence.

The cyber security skills gap continues to inhibit individual, organisations, and even government’s ability to access skilled talent, not only in terms of finding the talent but also affording it. Experienced cybersecurity professionals are hard to find and expensive to retain. Due to this skewed demand and supply, there is war for talent across all industries which results in human resources cost amplification. 

This cost factor is carried over into how companies approach their security spend per employee which drives them to opt for cloud services. Companies are looking for solutions to remain competitive and agile without compromising their cyber security resilience and capability.

Cyberspace has become both a catalyst for progress and a breeding ground for cyber-attacks. A report by a Russian multinational cybersecurity and anti-virus provider, Kaspersky, in June this year indicates that Kenya, South Africa and Nigeria are top African countries with the highest cyber threats. Kenya currently ranks 35th, Nigeria 50th and South Africa 82nd on the global list of cyber threats.

The report further mentions that in the first quarter of 2023, in Kenya, exploits emerged as the most dominant form of attack with 177,000 incidents blocked in addition to 300,000 zombie machines detected.

With the escalating sophistication and frequency of cyberattacks, the importance of robust cybersecurity measures cannot be overstated.

Even developed countries like Japan and the USA are prone to cyber-attacks.  Recently, Japan’s busiest port was attacked by ransomware preventing the port from shipping containers for two days. Back home, several institutions including Safaricom, eCitizen, Kenya Bureau of Standards, Kabarak University and even the Central Bank have experienced cyber-attacks putting their reputation at risk.

This is a dawn to the reality that cyber threats are closer home now than before thus the need to develop strategic preventive, adaptive and corrective controls supported by technology and right skills. As a way of addressing this gap, the Kenyan government through Ajira Digital, an initiative under the Ministry of Information Communication and Digital Economy with strategic partnership from Mastercard Foundation, implemented by eMobilis  and KEPSA, has introduced free Cyber Security training in the revised curriculum  to equip young people with work readiness skills, resources and know-how preparing them as future generation of cyber defenders while providing organizations the much required to survive in the current global turbulence. 

Though Ajira Digital young people are equipped with skills on how to protect personal data both online and offline, the importance of having firewalls on the system, anti-virus, and antispyware, managing the operating system, using the incognito browser when accessing the internet with a public or browsing with VPN among others to safeguard and protect their interaction both online and offline. More importantly, they are able to monetize their skills by providing cyber security solutions to local and international businesses to earn dignified income.

Today businesses are at high risk of cyber-attacks. According to a Pan-African cyber security report released by Liquid C2, the cyber-attacks on Kenyan businesses had increased by 82 per cent from 2021 to 2022. Additionally, cyber threats are evolving daily, it is crucial for businesses, individuals and government to be proactive in safeguarding themselves against the potential attacks such as computer viruses, data breaches, and denial of services among others.

This means that cybercrime is continuously evolving and disrupting various aspects of people’s lives. This year alone, the Communications Authority of Kenya has so far recorded 187.8 million threats. Cybercriminals are employing a variety of tactics, including malware, phishing, ransomware, and social engineering, to exploit vulnerabilities in digital systems. These threats pose a significant risk to individuals, businesses, and even governments, as they can lead to data breaches, financial losses, reputational damage, and even the disruption of critical services.

Businesses and individuals have put in place measures to minimize cyber-attacks like firewalls, HIPs, malware, VPN, Web content filtering, and email content filtering among others. There is a need for continuous learning of the new trends and security measures to be ahead of cyber criminals and hackers. The government has also enacted the Computer Misuse and Cybercrimes Act 2018 which established the national computer and Cybercrimes Coordination Committee to coordinate cyber security matters. Further, it enacted the Data Protection Act 2019 to ensure the privacy of our data.

Young people can access the free training on www.ajiradigital.go.ke to familiarize themselves with the basics of cyber security as they consider advanced training at eMobilis Technological Training Institute or any other institution that offers cyber security in the country. Through basic knowledge we can protect ourselves, our organizations and our digital infrastructure from the extortions of cyber threats. From individuals, non-governmental organizations, corporations, e-commerce platforms, financial institutions and even the government, cyber threats are proving to be a common menace for all. As the cyber security skills supply championed by the Ajira Digital program, eMobilis Technology Training Institute among other stakeholders continue to grow, businesses continue to benefit from the much-demanded cyber defense talents.

The writer is co-founder and Managing Director of eMobilis Technological Training Institute