• New report ranks most predominant cybersecurity threats in Africa, confirms the need for identity-focused security alignment
  • Analysts identify lack of maturity in identity protocols and outdated cybersecurity strategies as risks to identity security in Africa


Atlanta, GA – October 16, 2023 – BeyondTrust, the worldwide leader in intelligent identity and access security, today announced the release of a new IDC Technology Spotlight report, “Africa’s Road Map to Identity Maturity and Security Using Privileged Access Controls.” Sponsored by BeyondTrust, this report examines the need for identity-focused security in Africa, highlighting the digital adoption trends that lead to vulnerable business postures and the methods for enhancing security strategies using privileged controls. The overall goal of the report is to help establish a sound privileged access security strategy roadmap for Africa.

In this report, an IDC analyst reviewed key findings from multiple IDC Security Surveys (2022-2023) in addition to IDC’s Worldwide Security Spending Guide (2023) to assess why cybersecurity remains a challenge across Africa. The report also makes recommendations to African organizations on how to get their cybersecurity roadmap aligned with demonstrated threats.

Conclusions drawn from the report indicate that:

  • There is a massive lack of maturity in identity protocols: As the physical demarcation of network perimeters expands, African organizations need to realign their IT security investments in cybersecurity protocols. IT’s focus has not evolved with the threats, and current strategies are now outdated.
  • PAM and Identity security should be at the core of modern security practices: Organizations should focus on creating identity-based perimeters and access-based boundaries. IDC recommends that African organizations start by securing privileged users.
  • Preparation for a breach should always be the main plan: Organizations must be prepared to enforce strong application, password management, least-privileged controls, and just-in-time access policies to prevent phishing-initiated breaches. Most compliance mandates require all privileged access sessions to be monitored and managed and evidence to be maintained.

“More than ever, entities in Africa need to get serious about identity security,” said Shilpi Handa, Associate Director Research — Cybersecurity, IDC. “Investments in identity security in Africa have been low, despite the high rate of curated spear phishing attacks plaguing the continent. In early 2022, when IDC surveyed 209 organizations across Sub-Saharan Africa, just 18% said they were using PAM solutions.”

Key findings from the report revealed:

Many organizations in Africa are still unprepared for cyberattacks

  • More than 90% of businesses on the continent were operating without the minimum necessary cybersecurity protocols.
  • Only a handful of countries have cybersecurity regulations in place to protect consumers and businesses.
  • Investments in identity security in Africa have been low, despite the high rate of curated spear phishing attacks.
  • Overall privileged access control adoption was surprisingly low. In September of 2022 only 18% of organizations surveyed said they were using PAM solutions, and Multifactor authentication (MFA) adoption stood at a mere 34%.
  • Companies and their employees are not the only ones vulnerable to cyberthreats; individual identity itself is at risk from cyberattack in Africa today.

Phishing is the top threat in SSA

  • Phishing (62%) and insider threats (51%) are among the top 5 threats in SSA.
  • The rate at which phishing is growing in the region is worrisome and likely to become more severe with the increasing adoption of generative AI (GenAI) by hackers.

Zero trust initiatives were ranked second in terms of expected investment

  • Automated response to security incidents is considered to be the most important investment priority (73%) in the next 12-18 months. Zero trust initiatives ranked second (52%).
  • Privileged access management (PAM) and identity and access management (IAM) were key projects on the zero trust journeys of 61% of CISOs in South Africa.
  • 53% of respondents in South Africa regarded cloud entitlement management (or the use of identity-specific tools to monitor/manage entitlements and access to cloud resources) as their second most important cloud investment priority for the next 12–18 months.

“Securing identities and access is critical to combatting today’s cyberthreats,” said Morey Haber, Chief Security Officer, BeyondTrust. “By securing the privileges and access that make compromised identities dangerous, we are empowering organizations to proactively safeguard the critical assets across their estate, even in today's evolving threat landscape.”

To learn more about the cybersecurity landscape in Africa, or view the recommended approach to Privileged Access Maturity, download IDC’s full report here.

About BeyondTrust

BeyondTrust is the global cybersecurity leader protecting your paths to privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders.

BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners.

Learn more at www.beyondtrust.com.

Share this Press Release
Media Contact

Yasmina Bileoma

Want to learn why over 20,000 customers chose BeyondTrust?
Prefers reduced motion setting detected. Animations will now be reduced as a result.