Cybersecurity: 32% of companies in Nigeria to continue with remote working
TECHDIGEST – A survey conducted by KnowBe4, Lynchpin and ITWeb across three countries in Africa has revealed that 32 percent of corporate organizations in Nigeria will continue with remote working on a flexible basis.
The survey, which was conducted to unpack how remote working was influencing the security paradigm for organisations, also revealed that 57 percent of organizations in South Africa and 29 percent in Kenya, will very likely continue leveraging remote working.
Tagged ‘Remote Working & Cybersecurity in Africa’, the survey digs down into the security risks and essential business considerations that should define how organisations approach remote working security across Africa.
“Remote working may have become an invaluable tool for the organisation, but it comes with a security caveat – people have to be properly trained to recognise the risks inherent in online interactions,” points out Anna Collard, SVP of Content Strategy and Evangelist for KnowBe4 Africa.
She said the immediate defences against cybercrime is an employee that has been well-trained and understands how to spot and report cyber threats, adding that people should know what a social engineering attack looks like, and why they should not click on links or open attachments.
She disclosed that companies across Nigeria, Kenya and South Africa have struggled with insecure home Wi-Fi networks and people sharing their corporate devices with family and friends, arguing that the pandemic threw everyone in the deep end in 2020, and they all spent 2021 learning how to swim. Now, in 2022, it is time to redefine and reshape how the organisation manages security and remote working as effectively and dynamically as possible.
“While many respondents in the survey believed that their remote workers were adequately trained to withstand social engineering attacks, a significant percentage was unsure as to how well their people would react to a security threat. And this points to an urgent need for security training,” she noted.
People are both the problem and the solution. On one hand, they are the human firewall that can stand against the threats and play a huge role in mitigating security risks. On the other, they can be the vulnerability that bypasses the complex and expensive security by simply clicking on a link, or succumbing to a phishing attempt. Companies that are focusing on hybrid or remote working frameworks going forward will have to put training at the forefront of their policies and planning.
Ultimately, a breach could cost them financially and reputationally – particularly now, in the era of rigorous protection of personal information legislation – and poor user behaviour is a leading cause of security incidents across the three countries. While the number of security incidents experienced by companies overall dropped in 2021, those attacks that got through used phishing, social engineering, ransomware and malware. Unintentional data leaks sat in the third position in South Africa alongside credential theft, while Kenya battled with phishing and ransomware. Nigeria’s biggest problems were social engineering and phishing.