New research from Trend Micro reveals that while global organisations plan to increase cybersecurity budgets this year, 90% of African companies have neglected to put cybersecurity protocols in place.
“Organisations would do well to reconsider the importance of cybersecurity, especially if they want to optimise their investments in this area,” says Zaheer Ebrahim, XDR architect, MEA, at Trend Micro. “Cybersecurity isn’t just about keeping data and other related resources safe. It has a clear impact on winning new business and recruiting top talent. With this in mind, it is vital that we change perceptions around cybersecurity, especially among corporate leaders.”
Inadequate cybersecurity measures are placing an enormous cost on businesses in Africa – in Kenya, this stands at $36-million; while figures in Nigeria and South Africa stand at $500-million and $570-million respectively.
Trend Micro’s research shows that these costs affect various areas. A fifth (19%) of the global business decision-makers (BDMs) surveyed in the company’s research admitted that a lack of security measures impacted their ability to win new business, while 81% worry that it will do so in future. This comes as nearly three-quarters (71%) of BDMs admit they’re being asked about security posture in negotiations with prospects and suppliers. And 78% say these requests for information are increasing in frequency.
This apparent contradiction in attitudes is laid bare by another finding. Despite prospects and suppliers clearly prioritising security in negotiations, only 57% of BDMs perceive there to be a strong or very strong connection between cyber and client acquisition/satisfaction.
Talent acquisition is another area where there are clear gaps in BDMs’ understanding of the interconnectivity between cybersecurity and the rest of the business.
Nearly three-quarters (71%) of respondents claim that the ability to work from anywhere has become vital in the battle for talent. Yet only around two-fifths understand the strong connection between cybersecurity and employee retention (42%) and talent attraction (43%).
That’s despite respondents recognising the impact of cybersecurity on the employee experience:
- 83% say current security policies have affected remote employees’ ability to do their jobs (eg. network and information access issues, and slowing the pace of work)
- 43% say current security policies place restrictions on employees’ ability to work from anywhere
- 54% say current policies restrict what devices/platforms employees can choose to use
These findings point to BDMs’ lack of understanding of the relationship between cybersecurity and other parts of the organisation. This is borne out by further statistics: half of respondents (51%) claim cybersecurity is a necessary cost, but not a revenue contributor; while a similar share (48%) argue that its value is limited to attack/threat prevention. Nearly a fifth (38%) even see security as a barrier rather than a business enabler.
In spite of misperceptions around the impact of cybersecurity on the business in its entirety, nearly two-thirds (64%) of BDMs say they plan to increase security investment in 2023 – a sign that industry sentiment may be changing.