Key findings: The pandemic is still playing a major role in influencing working behaviours and patterns. Only 38% of respondents have returned to their offices or are accessing the internet from their office network, while 55% continue to work from home; 32% of respondents were affected by cybercrime while working from home, and one-third (33%) of the attacks were social engineering; The number of people concerned about cybercrime has risen to 72%.
The 2021 KnowBe4 African Cyberthreat Report focused on key metrics around cybersecurity awareness and behaviours to gain a holistic view of the continent’s cyber stance and how users perceived the threats. Collating insights from 763 respondents across South Africa, Botswana, Egypt, Ghana, Kenya, Morocco, Mauritius and Nigeria, the report highlights some of the gaps that remain in security awareness in spite of the risks posed by the pandemic and the evolution of hybrid working frameworks.
“The pandemic remains a central issue for most users when it comes to how they plan to work and live in the future,” says Anna Collard, SVP Content Strategy&Evangelist KnowBe4 Africa. “This year, nearly 55% plan to continue working from home. Respondents are increasingly concerned about the risk of cybercrime at 72%, however, the trend this year has been an increase in overall security confidence, which is not necessarily earned. People think they know more than they do and this is causing issues.”
The challenge is that people are still taking unnecessary risks, in spite of their growing awareness and understanding of cybercrime. Around 10% are very likely to share their personal information and 54% will trust an email from someone they know, even though 36% have fallen for a phishing email and 55% have had a malware infection. These numbers are up from 2020, and are compounded by the fact that most users believe that they can confidently identify a security incident (44%) but only 46% could accurately identify ransomware – a small drop from 2020 at 47%.
The concern is that more than 30% of users do not know what two-factor authentication is, 40% are not using a secure password – 20% believed that P@$$word! was a strong password – and yet 63% use their mobile devices to do payments or banking. They are putting themselves at risk with poor password hygiene and limited security controls.
“Email remains one of the biggest security threats,” says Collard. “People are still very trusting of emails they have received from people they know (54%, up 2% from 2020), even though those email accounts could have been impersonated or hacked. There is definite need to educate people around the rising social engineering threats around emails, social media, chat apps and the phone (vishing).
The report found that while people are paying more attention to security, they are still falling prey to scams and attacks that they could have avoided. From social engineering to investment scams, the threats are gaining ground. Considering that around 34% have lost money because they fell victim to a scam, and 26% have experienced a social engineering attack over the phone, it is clear that cybercriminals remain determined to use any means necessary to catch people unaware.
“For organisations, it has become critical that they train employees around security best practices and the various methodologies used by the cybercriminal,” concludes Collard. “People need more help in learning about how to stay safe online at home, the office and on the road. Perhaps the worst mistake is that they believe they are security smart and can identify the risks, when they actually cannot. This is putting both them and their company at risk. “
Building a security culture, or in other words, strengthening the human defence layer and making them aware of how to detect and prevent social engineering attacks is a crucial element in organisational cybersecurity posture, especially as many people continue to work from home.
For a full copy of the report, download it here [https://bit.ly/3HQTDc0].Distributed by APO Group on behalf of KnowBe4.
© Press Release 2021
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.