Why Kenya Needs More Cybersecurity Professionals Urgently
According to a report released by Kenya's Communications Authority, cybersecurity incidents in the country have skyrocketed, reaching 830 million by 2023. Cybersecurity threats are growing not only in Kenya but all over the continent and around the world. According to a 2022 report, one out of every 10 businesses in East Africa has experienced a cybersecurity breach.
Cybercriminals are exploiting the expanding digital landscape to attack individuals and organizations alike, motivated by potential gains ranging from financial incentives to simple mischief. According to the latest Africa Annual Cybersecurity Report by Serianu, cybercrime costs in Africa are estimated to be USD 10 billion in 2023, with Kenya's costs potentially reaching USD 383 million.
As the digital landscape becomes more combative, malicious actors devise new ways to get around security protocols. This highlights the importance of improving human capacity to respond to these threats.
There is a shortage of cybersecurity professionals right now. According to the World Economic Forum, there will be a global shortage of 85 million cybersecurity professionals, with four million needed immediately to close the current gap. Given that cyberattacks cost the global digital economy up to USD 10.5 trillion per year, there has never been a more urgent need to increase cybersecurity professional training.
To illustrate this further, the 2024 CISCO Cybersecurity Readiness Index discovered that 87% of organisations globally consider a lack of cybersecurity talent to be a major challenge, while 46% have more than ten unfilled cybersecurity roles. This is a significant gap, especially given the rate at which cybersecurity threats are increasing, as many organisations continue to be subjected to massive numbers of cyberattacks. Every 24 hours, Microsoft, for example, deals with 65 to 70 trillion cybersecurity signals, and this figure is increasing. Furthermore, Serianu Limited estimates that cyberattacks will cost Kenya USD 383 million in 2022 and that the country only has 4,000 cybersecurity professionals.
Cyberattack sophistication is also increasing as cybercriminals use advanced tools and tactics, such as artificial intelligence, to exploit the growing digital landscape. These technologies enable attackers to automate their attacks, making them more effective and difficult to defend against.
Without a doubt, the increasing volume and complexity of attacks necessitates an increase in the number and skill set of cybersecurity professionals.
While including cybersecurity basics in IT professional training is important, there is a clear need for more advanced and specialised training to keep up with the ever-changing threat landscape. Specialised programs that focus on specific aspects of the digital landscape provide cybersecurity professionals with extensive knowledge of how to build secure digital environments, respond to incidents, and conduct digital forensics.
With an understanding of the importance of specialized training, Microsoft ADC is partnering with Cyber Shujaa, a collaboration of the Kenya Bankers Association, USIU-Africa, and Serianu Limited, to train 100 students and set them on the path to cybersecurity specialisation. The course, led by Microsoft professionals, will walk participants through various cybersecurity principles, with the goal of providing them with industry-ready skills and certifications. The mentorship model integrated into the training will provide hands-on experience and unparalleled insight into cybersecurity and the changing threat landscape.
Kenya's position as the Silicon Savannah presents a unique opportunity and need to invest in specialised cybersecurity training. Collaborations between tech sector players and other sectors are ripe for the picking as businesses seek cybersecurity solutions tailored to their specific industry requirements. Working together, industry players can provide specialised training that improves our overall capacity to prevent and respond to threats in an efficient manner, thereby avoiding reputational and financial loss.
The time to act is now, as most industries are turning to digitalisation to increase efficiency, and the cost of inaction is already too high. Addressing the cybersecurity skills gap will not only improve our ability to protect our digital environments and boost confidence in the digital economy, but it will also ensure that the benefits of digitalisation are enjoyed safely.
This article originally appeared on CapitalFM