KnowBe4 Releases 2024 Security Culture Report for Africa

The insights reveal cybersecurity readiness trends and highlight the importance of targeted interventions for resilience.

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has just released its 2024 Security Culture Report for Africa, providing a detailed analysis of the intricate relationship between security practices and employee behaviours within organisations. Drawing insights from surveys conducted across thousands of organisations worldwide, the full report offers a comprehensive five-year comparative view, highlighting significant trends shaping the cybersecurity landscape.

In its section on Africa, the report reveals that organisations evaluated across 20 African countries exhibit an average security culture score of 72, consistent with the previous year. This shows a moderate level of readiness in security culture.

Anna Collard, SVP of Content Strategy&Evangelist, KnowBe4 Africa

There are noteworthy variations among sectors and countries, emphasising the necessity for targeted interventions to enhance cybersecurity resilience. “The banking sector in Kenya is a standout performer, boasting an impressive average score of 83, attributed to its steadfast commitment to maintaining mature security cultures supported by robust security operations,” explains Collard. “However, industries such as public services, construction, education, and hospitality show lower security culture scores. This shows the importance of developing specific approaches to enhance cybersecurity awareness and practices in these sectors.”

Africa, with its diverse cultural fabric and youthful population projected to dominate the global workforce by 2100, faces escalating cyber risks amidst rapid technological advancements. Challenges, including limited resources, inadequate cyber awareness, and economic constraints, marked the continent’s cybersecurity landscape in 2023.

This shows the need to strengthen cybersecurity readiness given the critical development requirements.

Anna Collard, SVP of Content Strategy&Evangelist, KnowBe4 Africa

Kenya (76), Nigeria (75), and Ghana (74) lead the charge in cybersecurity readiness, showcasing robust strategies backed by local governments. Ghana’s significant progress in cybersecurity, evidenced by its climb in the Global Cybersecurity Index, reflects the region’s commitment to cybersecurity excellence.

With a security culture score of 72, it’s important to address the findings from a separate survey on generative AI (GenAI) adoption by organisations in South Africa. That survey identified regulatory gaps and a lack of training in countering AI-generated misinformation, highlighting the need for regulations, training programmes, and partnerships to tackle cyber threats such as deepfakes, especially during the upcoming crucial governmental elections.

Anna Collard, SVP of Content Strategy&Evangelist, KnowBe4 Africa

The South African Council for Scientific and Industrial Research (CSIR) expects an increase in cyber attacks targeting important infrastructure and government bodies in the coming weeks until South Africans go to the polls.

This highlights the urgent need for stronger cybersecurity measures to protect both public and private sectors, communities, and national economies.As organisations adapt to the changing cybersecurity environment, promoting a culture of awareness, education, and proactive risk management will be vital in enhancing cyber resilience throughout Africa.

Anna Collard, SVP of Content Strategy&Evangelist, KnowBe4 Africa

This score reflects how much importance different entities worldwide place on cybersecurity within their organisational culture. In today’s interconnected world, where a mobile device in a remote area can access sensitive accounts, working in isolation on security is no longer effective. Collaboration between governments and regulators is essential not just for creating laws but also for demonstrating practical ways to strengthen security culture. Organisations need to prioritise the human element of cybersecurity by focusing on continuous awareness and training efforts rather than relying solely on technological solutions.

Javvad Malik, Lead Security Awareness Advocate, KnowBe4

More News