In a bid to combat cybercrime that’s rife in Kenya, Microsoft has re-emphasied its ongoing commitment of providing a safer and more trusted platform to organisations and businesses in the region.
During a stakeholder event held in Nairobi today, the corporation highlighted insights drawn from its recently published Security Intelligence Report, which studied emerging cybercrime trends over the past 12 months, revealing key findings not only into the global threat landscape but also locally. The session was to provide a refreshed insight on the status of the local cybersecurity landscape and unpack current and future trends, urging participants and those in attendance to keep abreast and aware.
“From our ongoing research, we found that in the past year ransomware attacks as a vector declined, software supply chains became a risk, cryptocurrency mining prevalent and that phishing still remains the preferred attack method,” says Sebuh, adding, “While this may indicate progress in blocking ransomware attacks against organisations, it also draws our attention to new avenues now being identified for attacks – otherwise very easily ignored by organisations as a recognisable ‘pathway’ for penetration.”
In 2018, cyberattacks cost the Kenyan economy Ksh.29.5B, this is according to the most recent annual report published by cybersecurity firm Serianu. Coupled with the recent attacks to websites in the region, these attacks place the state of cybersecurity in Kenya in the spotlight thus a need exists for the developed world to aid in training experts in cybersecurity even as more co-operation is initiated between developed and developing countries.
The report also estimates that Kenya only houses 1,700 skilled cybersecurity professionals, with 60 per cent of companies facing a shortage, alluding to a need for more education, exposure and adoption.
It is said that within Kenya, the financial sector is the hardest hit by cyberattacks – research has found that in late 2018, banks accounted for 18 percent of the attacks, while payment systems accounted for 10 percent of the attacks.
“As organisations continue to pursue a fully digitally transformed future, threats within the cyberspace will continue to become more advanced in not just the financial sector, but in many industries across the region. This will leave individuals and organisations alike with no choice but to turn to the ever-improving capabilities that advanced technologies and solutions bring with it and this is what encompassed our goal for this event. We are passionate about this and recognise the dire need to not only inform but also enable organisations in this regard” says Sebuh Haileleul, Country Manager for Microsoft in Kenya.
Microsoft recently published its 24th edition of Security Intelligence Report that aims to delved into the cybersecurity events that took place over the past 12 months and includes an overview of the threat landscape. The report and recommended best practices including four key trends that have risen to the forefront in the plight against cybersecurity and that look to remain prominent through the remainder of 2019.
Besides trends identified from the Security Intelligence Report – notable ongoing trends to look out for in 2019 and beyond were also unpacked. The use of AI to combat cybersecurity to fill crucial gaps by analysing a vast ocean of threat data to prevent attacks before they occur is a factor that organisations, through partnering with the correct solutions provider, remains pivotal.
Furthermore, the cloud is and still will be imperative to securing the modern workplace. Lastly, quantum computing, although still in its infancy will require threat analysts to keep an eye on what advances in quantum computing would mean for security in 2019 and beyond. A report by the Communication Authority of Kenya covering the period October and December 2018, cybersecurity threats in Kenya increased by 167% to 10.2 million from 3.8 million threats detected in the previous quarter.
“While there will always be new threats, new attacks and new technologies, statistics like these should urge companies to take action immediately to address security concerns, improving their security postures. It is critical for companies to strengthen their core security hygiene (across things like monitoring, antivirus, patch and operating systems), adopt modern platforms and comprehensive identity, security and management solutions,” continues Haileleul.
Sebuh concluded by affirming his belief in security being a journey and not a destination, and the hope that by keeping commitment to the region, constantly keeping the pulse on cybersecurity advancements as well as educating the public, the holistic progress will be made to combat and successfully mitigate all risk associated with attacks.