Mobile phone penetration is growing in Africa, the continent (especially in Nigeria) is seeing the fastest cryptocurrency adoption globally, and unicorn startups (like Paystack) are emerging.
With such technological advancements also comes an evil twin: cybersecurity concerns.
So, as the African digital space continues to grow, it is essential to understand cybersecurity trends. Thus, we have gathered and vetted the most recent and relevant African cybersecurity statistics, facts, and trends.
Top 8 Africa Cybersecurity Statistics (Editor’s Pick)
- 17% of African brands did not have an information security department.
- 31% of surveyed East African organizations had suffered cyberattacks.
- Egypt was the most targeted region by the Crysis ransomware family in Q1 2021.
- 41% of South African companies had a cyber-resilience strategy in 2021.
- 26% of African firms identified financial loss as the greatest from a cyber breach in 2021.
- 73% of cyberattacked African firms recovered within a few days.
- 20% of African brands in 2022 were unprepared for user privacy and security risks.
- In 2021, there were over 679 million cybercrime-related email detections in Africa.
General Africa Cybersecurity Statistics
1. In 2022, 1 in 4 African organizations lacked a modern cybersecurity strategy.
25% of surveyed respondents relied on being responsive to threats instead.
75% had a tailor-made cybersecurity strategy aligned with their organization’s needs.
2. 27% of African brands had a cybersecurity strategy for specific cyber threats in 2022.
Likewise, brands with a well-planned-out cyber strategy were half as likely to suffer a significant cyber breach as those without one.
3. 47% of African organizations merged their IT security and information security departments.
2022 data also shows that 34% made both departments independent of one another.
4. 17% of African brands did not have an information security department.
Instead, they had only IT security departments. Another 2% of almost 300 surveyed respondents claimed to have neither IT nor information security support, opting for other formal channels.
5. Over 6 in 10 African organizations had an enforced data protection plan in 2022.
This 61% of surveyed organizations also had a data protection officer to enforce the data protection. However, 27% lacked such processes, while 12% needed to figure out where their organizations stood.
6. 8 in 10 African firms were adequately prepared against cyber security risks in 2022.
Another 12% could not mitigate security and privacy risks, while the rest (8%) were unsure of their organization’s capabilities.
7. 23% of African organizations struggled to find and retain cybersecurity talents in 2022.
43% believed they had some cybersecurity skill gaps but were not necessarily struggling. The 2022 survey also revealed that 32% had just enough of the right talent, while another 2% had more than they needed.
8. As of 2022, about 1 in 3 African firms had been a cyberattack victim.
This was evident from data collected over 12 months (late 2021 – 2022).
9. 45% of African organizational respondents were “partially confident” in their CIRT’s ability to deal with a major cyber incident.
38% were “highly confident” in their Cybersecurity Incident Response Team’s (CIRT) abilities, while another 9% were not confident. 8% of the respondents could not measure their feelings about these teams.
10. 24% of African organizations in 2022 had robust in-house cyber protection facilities and personnel.
Another 24% chose ad hoc security solutions with limited alerts, while 16% outsourced the process.
11. 12% of African firms struggled with growing cybersecurity alert volumes in 2022.
This also kept them from running effective security operations centers.
Another 7% of organizations in the same boat reported challenges handling growing volumes of false positives.
12. In 2021, 55% of African companies self-reported being unable to handle a significant cyberattack.
But by 2022, the number dropped to 52%.
13. On average, African organizations experienced 1,848 weekly cyberattacks in 2022.
The global average for the period was 1,164 weekly cyberattacks.
Eastern Africa Cybersecurity Statistics
14. Ransomware, BECs, and data leakages were the most common cyber threats in Eastern Africa in 2022.
These attacks were rampant across the region’s Financial Services, ICT, and Energy/Natural Resources industries.
15. 31% of surveyed East African organizations had suffered cyberattacks.
In response, 77% of regional organizations had measurable cybersecurity strategies and well-defined cybersecurity protocols as of 2022.
16. Almost 8 in 10 Kenyan companies reported higher cyber threats due to remote working in 2021.
At the time of the survey, 66% of Kenyan companies claimed to have remotely-engaged staff.
17. There were over 278 million cyber threat detections in Kenya for Q3 2022.
This marked a 199% surge in cyber threat detections in Q2 2022.
The 5,313,512 advisories issued in this timeframe represented a 169% surge compared to Q2 2022.
At 249,991,852, Kenyan’s cybersecurity agencies marked a 10% decline in cyber threat detections compared to the previous quarter.
20. Kenyan cybersecurity operatives issued 3.55 million cyberthreat advisories in Q4 2022.
That was a 33.1% decline from the advisories issued in the previous quarter.
Southern Africa Cybersecurity Statistics
21. In 2022, Business Email Compromise was the most rampant attack type in Southern Africa.
This was followed by data leakage and ransomware attacks in second and third places. The most attacked organizations were in the financial services, energy, and manufacturing sectors, in that order.
22. By 2022, 23% of Southern African organizations had been cyberattack victims.
Also, 74% of Southern African brands boasted adequately-planned cyber strategies with measurable KPIs in 2022.
23. 82% of Zimbabwean companies claimed an uptick in cyber threats due to remote working.
Even though only 32% of companies claimed to have staff working from home, Zimbabwe recorded a higher related cybercrime uptick than some countries (such as South Africa – 69% WFH) with a higher work-from-home (WFH) staff volume.
Northern Africa Cybersecurity Statistics
24. Egypt was the most targeted region by the Crysis ransomware family in Q1 2021.
The Crysis ransomware family was detected 24 times in Egypt in the quarter.
Across surveyed African countries, South Africa (13 detections) and Morocco (6 detections) were the next most targeted by this ransomware family.
Western Africa Cybersecurity Statistics
25. Western African organizations suffered more Denial-of-Service attacks than other attack types in 2022.
BECs and data leakages followed those to mark the top three.
The most vulnerable organizations (in order) were financial services, energy, and ICT firms.
26. Ransomware attacks hit 71% of surveyed Nigerian organizations in 2021.
Of the global survey count, Nigeria clinched position 11 on the list of most ransomware-attacked countries. Likewise, its companies were hit more than the global average (66%).
27. Nigeria was the only African country in the top 10 ransomware-hit regions to experience data encryptions.
There was a 70% chance of data encryption in ransomware attacks hitting Nigerian companies in 2021. Conversely, the global average was 65% of ransomware-affected companies falling victim to data encryption.
28. 62% of Nigerian companies had cyber insurance coverage in 2021.
Another 19% of Nigerian companies also had cyber insurance but with specific exclusions in the policy.
South Africa Cybersecurity Statistics
29. South Africa suffered 230 million cyberattacks between 2020 to 2021.
The reporting period spanning January 2020 to February 2021 also saw 72 million cyberattacks in Kenya and 71 million in Morocco, rounding up the top three.
30. Most extortion-based cybercriminals in H1 2021 had South African IP addresses.
Between January to May 2021, 715 unique South African IP addresses were used to send cyber extortion messages. Morocco (685) was second, while Kenya (442) rounded up the top three.
|Country||Unique IPs Detected|
31. 34% of BEC attempts on Africa-based organizations in 2021 were directed to South Africa.
Organizations in Tunisia accounted for 20% of these attacks, while Morocco (12%) sealed the top three. Other notable mentions included Mauritius (12%), Nigeria (11%), Kenya (9%), Gabon (1%), and the Central African Republic (1%).
32. South Africa experienced over 25% of ransomware detections across Africa in Q1 2021.
It was only bested by Egypt, which recorded almost 35% of all ransomware detections in the period. In third place was Tunisia, scoring just under 25% of all recorded ransomware activity in the timeframe.
33. South Africa topped the targeted ransomware family detections list in Q1 2021.
Clop and Nefilim accounted for the most ransomware family detections (19 each), followed by Crysis (13) and Doppelpaymer (9).
34. 79% of South African companies saw a surge in cyber threats associated with remote working.
In 2021, almost 70% of South African companies had staff working from home.
35. 72% of South African firms had established cybersecurity measures in 2021.
70% of Kenyan companies claimed the same, but only 44% of Zimbabwean companies joined this group.
36. Ransomware attacks hit 51% of surveyed South African companies in 2022 in the previous year.
South Africa performed better than 30 other surveyed countries, beating the only African country (Nigeria – 71%) on the list too.
37. Only 45% of ransomware attacks that hit south African companies in 2021 entailed successful data encryption.
It performed better than 29 other countries, including Nigeria (70%), across 101 surveyed companies in the SA area.
38. 4 in 10 South African companies had cyber insurance coverage in 2021.
That was less than 62% of companies with cyber insurance in Nigeria.
Likewise, more South African firms (37%) had exclusions in their cyber insurance policies than in Nigeria.
39. 94% of South African companies experienced a phishing attempt via email between 2021 – 2022.
In the same timeframe, 65% of companies in the region claimed an increase in such attacks.
Additional Reading: 30+ Phishing Statistics, Facts, and Trends
40. 41% of South African companies had a cyber-resilience strategy in 2021.
However, the number dropped to 33% in 2022. Still, most companies (89%) either had a cyber resilience strategy or planned to implement one.
41. 97% of South African companies believed their cybersecurity resilience could be better with more funding.
62% would commit the additional financing to cybersecurity training for its staff members, while 59% would invest it in technological innovations.
42. 32% of South African companies had ongoing cybersecurity awareness training for employees in 2021.
About 20% of these companies only supplied such training to their staff members once a year (or less often).
Africa Cybersecurity Financials Statistics
43. 20% of African firms in 2022 cited budget constraints as a reason for lacking a standard cyber-SOC.
This represented the highest challenge in implementing and operating a SOC.
Another 5% were still determining the security operations center’s goals, while legal and regulatory concerns held back 7%.
44. Cybercrimes accounted for over $4 billion cumulative loss across African countries in 2021.
This was equivalent to 10% of the continent’s GDP.
45. 26% of African firms identified financial loss as the greatest from a cyber breach in 2021.
Another 18% identified the loss of valuable company data, but 17% chose reputational damage. In joint third (17%) was the fear of losing strategic business information obtained during the breach to outside sources.
46. South African companies paid an average of $634,288 to ransomware actors in 2021/2022.
Nigeria was the only other featured African country in the global research, and it paid more than South Africa ($706,452).
47. Nigerian companies spent an average of $3.43 million to recover from ransomware attacks in 2021.
This was a 644% jump to the $460,000 average value spent in 2020, which was better than South African companies’ average related spend in 2021 ($710,000).
48. 35% of South African companies paid hackers a ransom in 2021.
Conversely, less than half (43%) of companies who paid the ransom got their data back from the attackers.
49. South African businesses allocated 12% of their IT budgets to cyber security in 2021.
53% of the surveyed organizations had less than 10% of their IT budgets for cybersecurity. However, experts believe that over a fifth (21%) of the IT budget should go to cyber resilience.
Africa Cybersecurity Talent Statistics
50. More than half of African organizations planned to recruit cyber experts in 2023.
By late 2022, 55% of surveyed African organizations were open to recruiting new cybersecurity talents in the next 12 months. Only 45% were against the idea.
51. 58% of African brands would add up to two new cybersecurity personnel between 2022 – 2023.
1 in 4 survey respondents would onboard 3-5 new cybersecurity personnel, while 7% plan to onboard more than 10. In between are the 5% of organizations looking to onboard 6-10 new cybersecurity experts in this timeframe.
52. About 1 in 3 survey respondents believe their Cyber Incident Response Team (CIRT) could deal with major cyber threats.
But over 50% of recently cyber-attacked firms did not trust their CIRT’s capabilities.
53. About 2 in 10 African organizations lacked a security operation center due to talent shortage.
19% of surveyed brands in 2022 fell into this category. Another 11% struggled to analyze cybersecurity data, and 7% were challenged by poor security solutions configurations, all of which could be solved by adequate talent.
Africa Cybersecurity Statistics by Industry
54. 48% of manufacturing firms in Africa had enough cybersecurity resources in 2022.
This was the highest share by industry in 2022, followed by the energy/natural resources (47%) and fast-moving consumer goods (38%) industries.
The breakdown of the top African industries with a healthy share of cyber resources can be found in the table below.
|Industry||% With Enough Cyber Resources|
|Fast-moving consumer goods||38%|
|Government & public sector||29%|
55. There were 2,678 WannaCry ransomware detections across African government sectors in Q1 2021.
Cryptesia was the most rampant ransomware family, accounting for 2,554 of the detections in this sector. Overall, ransomware attacked the government sector most in Q1 2021.
56. Nefilim was Africa's most prevalent banking malware from January to April 2021.
This ransomware family accounted for 648 detections in the banking industry.
Its second-highest prevalence was in the African government sector, which recorded 151 detections in the same period.
57. The ISP and communications industry was the most targeted in Africa in 2022.
This industry witnessed 5,617 weekly cyberattacks in H1 2022.
In second place were government firms and institutions, experiencing 2,861 weekly attacks in the same timeframe.
Africa Cyberattack Statistics
58. 28% of African organizations with a robust cybersecurity approach fell to cyber breaches in 2022.
However, this was less than 46% of brands without a strong cybersecurity framework that was also breached.
59. 73% of cyberattacked African firms recovered within a few days.
It took 10% less than a week to recover and 9% less than two weeks to get back up to speed. 8% of breached firms needed more than two weeks to get sorted.
60. 42% of survey respondents believed their cybersecurity processes could prevent and mitigate cyberattacks.
This 2022 survey of African organizations also showed that 47% were only partially confident in their systems. Conversely, 7% needed more confidence in their organization’s cybersecurity setups, while 4% could not measure their readiness.
61. The Liberian internet was shut down by a Mirai botnet attack in 2016.
The attack generated over 500 Gbps to overwhelm the internet infrastructure in the country.
Additional Reading: 50+ Botnet Statistics, Facts, and Trends
62. South Africans suffered about 11 days of downtime (average) per ransomware attack in 2021.
But 10% of South Africans experienced ransomware-related downtimes exceeding three weeks.
63. TransUnion South Africa lost up to 4TB of data to a cybercrime group in H1 2022.
This was a ransomware attack where the (alleged) Brazil-based attackers demanded a $15 million payout not to leak sensitive files and data obtained in the hack.
Africa Cyber Threat Statistics by Type
64. 20% of African brands in 2022 were unprepared for user privacy and security risks.
74% of organizational respondents had reliable systems to identify privacy and security risks. However, 15% disagreed, while the other 11% were unsure.
65. Business Email Compromise (BEC) accounted for 26% of all cyberattacks on African brands in 2022.
This was the most prevalent attack type, followed by ransomware (17%) and data leakage (16%).
A full breakdown of the attack types suffered by African firms can be found below.
|Business Email Compromise||26%|
Additional Reading: 80+ Insider Threat Statistics by Financial Impact, Region, and Significance
66. Only 26% of African firms were confident enough to tackle and recover from a ransomware attack in 2022.
Another 36% of brands claimed to be working on preventing such attacks from happening at all.
67. 1 in 4 African organizations did not have a specific plan against ransomware attacks in 2022.
Instead, they relied on general best practices. In contrast, 13% of brands were improving their ransomware attack response and recovery efforts.
South Africa accounted for over 32% of these detections, with 219 million emails attributed to the region.
27% of these were online scams, while every other kind of scam (besides specifics in the table below) accounted for 10%.
|Cyber Threat||Detection Frequency|
|Command & Control servers||3%|
70. BEC attempts on African organizations in 2021 were less than 1% of the global volume.
However, offshore companies of major UK, US, and Australian brands in Africa remained huge targets.
71. There were around 3,900 monthly botnet detections in Africa in 2021.
Globally, there were approximately 50,000 monthly botnet detections.
72. 50% of surveyed cybersecurity decision-makers in African organizations were concerned about company database hacks.
The 2021 survey also revealed that 38% of respondents were wary of data leaks, data loss, and employee/client/customer/company data compromise.
73. Over 4 in 10 cybersecurity professionals in African firms were wary of specific cyberattacks in 2021.
This included malware, phishing, and ransomware across 43% of the respondents in this category.
74. Email attacks were the most severe cyber threat for 67% of African cybersecurity leaders in 2021.
59% of these cybersecurity decision-makers identified data breaches as their main threat, while 51% went with web application/web-based attacks.
75. 50% of cybersecurity leaders in African companies believed malware to be the top threat in 2021.
Another 40% chose identity theft, while 32% of respondents were warier about compromised passwords.
76. System vulnerabilities were the most significant cyber threat in Kenya in Q3 2022.
They accounted for over 200 million detections, representing a massive surge compared to under 30 million in Q2 2022.
77. Over 75% of South African companies got more email-based threats between 2021-2022.
And about 67% of these companies prepared to deal with the fallout of an email-based cyberattack.
78. 6 in 10 surveyed South African brands suffered a ransomware attack in 2021.
That was up from 47% of companies reporting a similar case in 2020.
79. 93% of South African corporate respondents believed Microsoft 365 should be more secure against threats.
After all, 65% of the surveyed respondents who used Microsoft 365’s email solution suffered a service outage in 2021 – 2022.
Other Africa Cybersecurity Statistics
80. 97% of large African organizations had a solid data privacy protection strategy in 2022.
This was true for 77% of small and medium-scale enterprises.
81. In 2022, more than 50% of respondents believed their organization’s cybersecurity awareness training was ineffective.
Likewise, only 20% of African organizations believed their employees complied with cyber security regulations.
82. Over 6 in 10 African companies had an annual cybersecurity awareness program in 2022.
80% of these brands were also confident in their employees’ awareness of cyber risks.
83. 86% of South African companies either had DMARC enabled or planned to do so in 2022.
As of 2021, 40% of South African companies were ill-prepared against website spoofing, which DMARC works against. Over 6 in 10 (62%) respondents blamed this on the lack of appropriate technology.
Improving the African Cybersecurity Landscape
Internet penetration in Africa is still low, despite a sizeable continental population.
This shows that there is expected growth in the region, but the focus of cyber threat actors will shift to the continent even more.
With more winning startups emerging from the region and big firms setting up regional offices in the African landscape, threat actors also have more incentives to launch an attack against the digital ecosystem in this region.
That makes it essential to understand the possible hacks you may face and take necessary precautions against hacks.