Check Point Software Technologies has released its 2024 African Perspectives on Cyber Security Report, highlighting the mounting cyber threats targeting critical sectors across the continent and emphasising the need for African organisations to strengthen their cyber security postures, adopt robust security measures, and align with global standards to protect operations and secure valuable trade partnerships.
As Africa’s economy continues to grow, with its GDP projected to reach $4 trillion by 2027, digital infrastructure has become a cornerstone of economic progress. However, this rapid digitalization has also brought increased vulnerability, with nations such as South Africa, Kenya, Nigeria, and Morocco facing targeted attacks on government, education, and financial institutions.
Insights from the report include:
- South Africa: With 3 312 attacks per week on government entities and a 90% surge in ransomware, cybercrime costs the country close to 1% of its GDP.
- Kenya: Kenya experiences 4 719 attacks per week on the government sector, reflecting an urgent need for strengthened defenses. The cybersecurity sector is growing by 20% to 25% annually, fueled by investments in infrastructure and AI-driven solutions.
- Nigeria: Nigeria faces 4 718 attacks per week, among the highest in Africa. In a recent incident, a banking trojan attack compromised 100 000 customer accounts and resulted in $3-million in losses.
- Morocco: With 8 733 attacks per week on government organizations, Morocco is one of the most targeted nations in Africa. The government recently faced a state-sponsored cyberattack that compromised classified communications, raising significant national security concerns.
“The rapid digitalisation of Africa’s key sectors has positioned the continent as a prime target for sophisticated cyber threats,” says Lionel Dartnall, acting country manager for South Africa at Check Point Software Technologies. “Organisations must urgently implement robust security strategies to prevent data breaches, ransomware, and compliance drift. Adhering to the EU’s NIS2 Directive is critical for maintaining secure trade relationships with Europe, which is a major revenue source for many African economies.”
The report underscores the need for public-private collaboration to address these cyber security challenges, with investments in AI-driven threat detection and continuous monitoring as essential steps to managing cloud and hybrid environments effectively. However, despite the critical importance of cybersecurity, African companies currently allocate only 0,05% of their revenue to cybersecurity, far below the global average of 0,3% to 0,5%.
“Cybercrime is estimated to be a $10-trillion industry globally, third only to the GDPs of the US and China,” Dartnall says. “In South Africa alone, cybercrime costs us close to 1% of our GDP, yet cybersecurity spending remains disproportionately low. It’s imperative for African nations to invest in proactive security measures to secure their digital economies.”
Issam El Haddioui, head of security sales engineering for Africa at Check Point Software Technologies, comments: “The cyber security landscape in Africa is rapidly evolving. Our report not only sheds light on these challenges but also provides actionable recommendations to help organizations strengthen their defences and secure their futures. Now is the time for African organizations to take proactive steps to align with global standards and bolster their cybersecurity resilience.”
Key takeaways from the report include:
- Data Loss, Compliance, and Unauthorised Access: African organisations are increasingly vulnerable to these risks, especially as they adopt hybrid and multi-cloud environments.
- European Union NIS2 Directive Compliance: Meeting these standards is essential to secure trade relationships with European entities.
- AI-Driven Security Solutions: Leveraging AI can enhance threat detection and incident response, helping mitigate emerging threats efficiently.
The report also includes case studies from South Africa, Kenya, Nigeria, and Morocco, providing real-world examples of ransomware impacts and state-sponsored cyberattacks on critical infrastructure.