With IoT connections in sub-Saharan Africa set to double by 2030, cybercriminals have more opportunities than ever to breach networks and systems, with converging IT, Internet of Things (IoT) and OT systems posing a risk to critical infrastructure.

Microsoft’s recent Cyber Signals report, highlighting how cybercriminals are using operational technology (OT) as gateways into an organisation’s network, spotlights security trends and insights gathered from Microsoft’s 43-trillion daily security signals and 8 500 security experts.

The increase in digital transformation across the region has enabled organisations to manage their buildings, emergency systems and access control with smart devices connected to a network. In addition, Microsoft has seen an increase in IoT devices in the workplace to better enable hybrid work. This includes smart conference rooms with microphones and cameras, WiFi routers and printers.

For CIOs in the Middle East and Africa (MEA), the impact of a possible security breach is top of mind in an increasingly complex threat environment.

IDC research on Enterprise Security Trends found that it is the top concern for senior IT security decision-makers in South Africa, with half saying they are most concerned with the consequences of a possible breach in terms of brand reputation and financial loss.

To combat the risk, 53% of organisations in South Africa have increased their security budgets over the past two years and 53% are investing in upskilling staff to increase technical knowledge of IT security.

However, as the threat landscape continues to expand, organisations need to rethink their cyber risk approach to stay one step ahead of would-be attackers. Cyber Signals found that there are currently more than 1-million connected devices publicly visible on the Internet running Boa, an outdated and unsupported software still widely used in IoT devices and software development kits.

“Organisations are more connected than ever before. From the humble WiFi router to the everyday office printer, IT teams need to view their IoT devices differently and secure them as they would any company laptop to prevent security breaches,” says Colin Erasmus, chief operations officer at Microsoft South Africa.

“Gaining complete visibility of an organisation’s OT systems and protecting its IoT solutions will go a long way in preventing cyberattacks.”