Strategic considerations for effective cyber security in Africa: toward a positive cyber hygiene
The digital age is upon us and cybersecurity has since become a global phenomenon. With the awareness ot interconnectedness, the enigma of a security chain being as strong as the weakest link in a chain is made clear, hence the rest of the world needs Africa to be aware and ready as a cyber-unsafe Africa in the global cyberspace is a substantial vulnerability to others.
Cyber Security is still a teething domain especially for Africa with little or no existing lessons to learn from, or standard practices to adapt and adopt. Every economy is supposed to invent its own wheel to suit its peculiarities. However, it was observed that several basic cybersecurity' principles repeat themselves across economies hence proper documentation, sharing ot best practices, and collaboration are strategic factors Africa must consider (WEF, 2014).
In the whitepaper, Global Agenda Council on Cyber Security published by the World Economic Forum in 2014, international fragmentation, international norm-setting and role are part ot the key obstacle to robust ICT and cybersecurity development. The whitepaper identified the following factors as strategic considerations, organisations, and individuals should consider when addressing the cybersecurity challenges in Africa:
i. Adopting best practices and cyber hygiene: An important first step is developing policies and procedures that include regularly validating approved hardware and authorised software, establishing security' system configurations, timely patching ot applications and operating systems, controlling and auditing user privileges, and educating users.
ii. Improved authentication: Organisations must move beyond insecure passwords to mechanisms such as two-factor authentication and continuous authentication technology, which will become increasingly important as more devices connect to the internet.
iii. Preparing for attacks: It is critical that organisations take steps to prepare for eventual attacks, including enhancing forensic capabilities, developing business continuity plans, and developing plans for regaining user trust.
iv. Blended governance approaches: The public and Global Agenda Council on Cybersecurity' private sectors must explore new ways of collaboration that would leverage the perspectives of governments, companies, civil society, and academia.
v. Careful government interventions: The public and private sectors must collaboratively construct effective regulations and frameworks that address cybersecurity needs without hampering innovation or diminishing trust.
vi. Independent security' organisations: Independent organisations can reward the implementation of best practices and create high-information consumers.