The
2020 KnowBe4 African Report collated insights from eight hundred and eighty one
respondents across South Africa, Kenya,
Nigeria, Ghana, Egypt, Morocco, Mauritius and Botswana to discover how the
continent views cyber security and its risks in a world shaped by a global
pandemic. The report found that attitudes and behaviours had shifted as a
result of the pandemic, but problem pockets of risk remain that need to be
addressed in order to ensure both business and individual security.
“Nearly fifty per cent of the respondents will continue to work from
home; twenty four per cent indicated that they were affected by
cybercrime while working from home, and only
thirty per cent believed that their governments prioritised cyber
security in their policies,” says Anna Collard, SVP of content strategy
and evangelist, KnowBe4 Africa. “This year, respondents were even more
concerned about cybercrime compared with 2019, with the number rising by ten
per cent to forty seven point six one per cent. Across all eight countries,
there is a growing awareness of the risks that come
with cybercrime.”
However, people are still taking unnecessary risks. Around sixty three point
nine eight per cent would give away their personal information if they believed
that there was a need for it, or if they understood what it was being used for,
which is a measured response in light of government and organisation requests
for data to verify identity. However, the concern lies in the seven per
cent who would give away personal information if
they got something back in return, like a discount, and the six per cent who do
it all the time.
This is supported by the fact that only
forty six per cent
could define ransomware, nearly twenty
per cent have forwarded a spam or
hoax email, thirty per cent have clicked on a phishing email, thirty three point four one per cent have fallen for a con artist or a scam, and
fifty two point
seven per cent have had a virus on their personal computer.
“In South Africa, a worrying thirty one
point five per cent have thought that a
Trojan virus encrypts files and demands payments, highlighting the need for
training and education; especially considering that forty
per cent of respondents think
they would comfortably recognise a security threat if they saw one,” says
Collard. “Most people don’t realise what a risky email looks like or how their
actions could result in their systems becoming infected.”
Email security is one of the biggest threats facing the average user, both at
work and at home, and it is one of the most common communication methods –
nearly eighty seven per cent use email for work, closely followed by
WhatsApp at eighty five per cent. For
their private lives, WhatsApp is the most popular communication channel on the
continent, with ninety six per cent of respondents chatting on it with their
friends and families. Seventy-seven percent reported the pandemic changed the way
they work, with more than fifty per cent changing this for the foreseeable
future.
“For organisations, it has become critical that they train employees on
security best practices and the various methodologies used by cybercriminals,”
concludes Collard. “People need more help in learning about cyber threats,
especially since fifty per cent are continuing to work from home. Employee
training is one of the most important defence mechanisms – employees need to
learn how to spot social engineering and phishing attacks, understand why weak
passwords put them at risk and how
multi-factor authentication works. They should also learn how to protect their
home networks and what to do in the event of a security incident.”
Education and awareness have become important in protecting people and
organisations from the cyber security risks out there, especially as many
continue to work from home. For businesses looking to remain alert and minimise
the human risk in cyber security, training and awareness are the best first
steps to supporting employees and embedding a culture of security within the
organisation.