Uganda lost a whopping Shs151bn to cyber crime, according to a new report released by SERIANU.
According to the report researched and authored by Serianu, a pan African cyber security consulting and training firm in partnership with the ISACA Kampala chapter and Data positIT reveals the depth to which local organizations are exposed to the marauding cyber criminals.
According to Serianu Chief Executive Officer, William Makatiani, the year 2017 is the base year with which the report is working and an assessment of the extent to which Ugandan public and private organizations were affected is shocking.
“We have found out that last year alone, cyber criminals took off with close to Shs151 billion (USD 42 million), an astronomical sum in Uganda terms but a great reality check that we really need to urgently address underlying systemic challenges to stem this tide,” said Makatiani.
He added that with the recent increase in cyber-attacks across organizations in Uganda, Serianu set its research scope to cover a broad range of cyber security issues and provide valuable bench-marking statistics for them. In order to provide a more accurate image of the country, the firms took an inter industry approach and analyzed surveys from different industries including Manufacturing, Insurance, Healthcare, Academia and Government among others.
The Uganda Cyber Security Report also reveals that 90% of Ugandan organizations operate below the cyber security ‘poverty line’, an industry threshold defining the lowest possible standards that a firm can embrace to have in place a semblance of cyber defense and which costs UGX 5,550,000(USD 1,500) as investment in monitoring, detection and prevention tools.
According to the report, on realizing that the need to have security against viruses and malware, many SMEs choose to go for freely available software on the Internet. In other instances, they opt for lower priced tools without considering that they are developed for different environments.
“The advantage we have now is the ability to create our own indigenous cyber security solutions and a growing team of highly experienced professionals who are able to walk with the organization and establish tailor made tools”, said Makatiani.
Serianu’s cyber crime report reveals the extent to which firms that have suffered cyber-attacks share this information with the police.
In the period under review, 95.6% of cyber security incidents went unreported or unresolved and only 4.4% of the reported cases were followed through to a successful prosecution.
This shows the limited extent to which law enforcers achieve success with prosecuting cyber criminals, highlighting a strong need for them to work in partnership with private sector experts to ramp up their vigilance and evident follow through.
Datapos IT Chief Technology Officer Aaron Mbowa said that technology had become a strong enabler of business so much so that it was important for institutions to get it right with their people, systems and processes.
“As we get to increasingly rely on technology for getting things done and communicating, it is important to invest in the right partnerships and secure the business and its information assets”, said Mbowa.
Painting a hopeful picture, the report states that the journey to attain a secure cyber ecosystem is long but optimistic. A better performance at the end of the year will have required better employee monitoring, limited password access and bringing cyber security to the front-line of the organization priority.