Insiders are Responsible for Most CyberSecurity Attacks in East African Organizations


Cybersecurity is one of the major challenges corporates are facing in the current business environment. Many of these concerns center around the rise of hacking, a threat which has continued to out pace other means of attack by a large margin. Consequently, organizations have been investing widely to contain hacking threats by investing billions of dollars into information security. Even so, hackers continue to find new ways of accessing and stealing sensitive data.  At the moment, the global cysbercrime industry is worth $300 Billion, and the trend is catching up in the African continent.

Increasingly, employees are orchestrating cyber attacks by taking advantage of their levels of access to the organizations resources. According to The 2016 Data Breach Investigation Report by Verizon Enterprise, Databases are increasing being used as launching pads for cyberattacks by disgrunted employees. Databases are the second most frequently targeted asset by people inside an organization, trailing only desktop computers.

In East Africa, over 75% of cyber-attacks are caused by insiders according to Kenyan cyber security firm Serianu.  The situation is worsened by the fact that the region lacks enough infosec personnel with only 3,500 certified security personnel. The launching pad for majority of these attacks takes place in the database an area organizations have not been to invest in. Point-of-sales intrusions have been identified as one of the largest contributors to data breach incidences. This is attributable to the fact that Point-of-sale devices continue to be a reliable source for this data, notably the POS terminals that directly consume magnetic stripe information from customers.