A GSMA Intelligence survey says more than half of operators in Southern Africa rate the cyber security threat level as very high across IoT and mobile devices.
Cybersecurity is a shared responsibility for telecom operators in Southern Africa, according to Tim Hatt, Head of Research and Consulting; James Joiner, Lead Analyst; and Silvia Presello, Lead Analyst at GSMA Intelligence. IoT and mobile device users constitute the weakest layer of defence. Education should a key part of a cybersecurity enhancement strategy for mobile operators.
The 4G adoption in Southern Africa will reach 47 percent of total mobile connections by 2030, driven by network upgrades and availability of affordable 4G smartphones. GSMA Intelligence forecasts that 22 percent of mobile connections will be powered by 5G networks by 2030.
The survey said mobile operators in Southern Africa have a significant level of confidence in their mobile network defences, with 85 percent rating them as either strong or very strong, slightly higher than the global average of 82 percent. When it comes to fixed line networks, mobile devices and cloud data centres, the level of confidence is lower. This suggests operators need to increase their defences for such assets.
Mauritius Telecom has a Chief Data Management and Security Officer to manage the cybersecurity and data protection function and to increase Mauritius Telecom’s cyber resilience, create business value and remain compliant with local and international cybersecurity and privacy regulations.
Telkom has an information security policy and framework to govern business units and functional areas. Telkom offers training on data security and privacy-related risks and procedures to all staff. Telkom addresses data privacy through a privacy statement and framework, as well as documents to assist stakeholders with navigating local regulation.
Safaricom has a business continuity and disaster recovery plan that includes investments in technologies to ensure redundancy capabilities and elimination of any single point of failure. Safaricom has implemented ISO 22301 Business Continuity Management System, maintaining certification by the British Standards Institute since 2014.
Vodacom Mozambique has implemented Vodafone’s global cybersecurity baseline — based on ISO 27001/2 and includes 48 key security controls, of which 11 super controls are prioritised.
Mauritius is the best-performing African country in the ITU’s Global Cybersecurity Index, ranking 17th out of the 194 markets assessed. Mauritius ranks second in cybersecurity vendor Check Point’s list of African countries most susceptible to cyber threats, demonstrating the need for continued investment in cybersecurity solutions.
Mauritius, as part of the National Cybersecurity Strategy, set up MAUSHIELD – a national platform for sharing threat intelligence. MAUSHIELD membership is free and allows organisations to receive access to threat intelligence via alerts and advisories as well as indicators of compromise (IoCs) derived from government and business computer emergency response teams.
MTN Nigeria, in association with a security vendor, has launched a new cybersecurity solution in 2024. Price of the cybersecurity solution starts from NGN1,380 ($0.86) per month, rising to NGN2,070 ($1.29) per month for a subscription.
MTN has also outlined plans to enhance incident management capabilities with security orchestration, automation and response (SOAR) tools in 2024 to help automate routine tasks such as incident triage and investigation, reducing the burden on SOC analysts.
Operators in the Southern Africa region are offering DDoS protection services to enterprises. Liquid Telecom’s DDoS Secure, Seacom’s DDoS Protect and Orange’s Managed DDoS Protection are some of the examples.
Africell has implemented DDoS protection service across its operations in Congo, Gambia, Sierra Leone and Uganda.
