Africa's Remote Working and Cybersecurity

Enterprise Security Magazine | Friday, January 28, 2022

In 2021, KnowBe4, Lynchpin and ITWeb conducted surveys across Nigeria, South Africa and Kenya to unpack how remote working was influencing the security paradigm for organisations.

FREMONT, CA: Remote working has become an invaluable tool for organisations across the globe, but it comes with a security caveat. Employees must be properly trained to recognise the hazards inherent in online interactions. A study conducted explicitly shows that a large number of businesses are likely to continue remote working. 57 percent of firms in South Africa, 29 percent in Kenya, and 32 percent in Nigeria decided to continue with flexible remote working.

One of several layers of security against cybercrime is a well-trained employee who knows how to recognize and report cyber dangers. People should be made aware of the signs of social engineering attacks and why they should avoid clicking on links or opening attachments. While many respondents in the study thought their remote workers were well trained to withstand social engineering attacks, a large majority were uncertain how well their employees would react in the event of a security issue. As a result, there is a pressing demand for security training.

Every individual is both the cause of the problem and the source of the solution in this situation. On one side, they act as a human firewall, able to defend against threats and play a critical role in reducing security threats. On the other hand, there might be a flaw that allows someone to get around extensive and expensive protection by just clicking on a link or falling for a phishing scam. Companies that aim to employ hybrid and remote working frameworks in the future are advised to prioritise training in their policies and plans. Finally, a security breach might cost them financially and reputationally – especially now, poor user behaviour is a primary source of security events in all three countries- South Africa, Kenya and Nigeria.

While the overall number of security incidents faced by businesses decreased in 2021, the assaults that were successfully used were phishing, social engineering, ransomware, and malware. In South Africa, unintentional data leaks tied for third place with credential theft, while phishing and ransomware were the top threats in Kenya. The most serious issues in Nigeria were social engineering and phishing.