Costly cyber breaches surge across Africa

– As firms struggle with AI security skills, PwC reports

By Kizito CUDJOE

African businesses are grappling with an increase in costly cyber incidents, with a growing number of firms reporting financial losses exceeding US$1 million from breaches over the past three years, according to PwC’s latest Global Digital Trust Insights Survey.

The report found that although many organisations across the continent are adopting artificial intelligence (AI) and automation to strengthen their cybersecurity frameworks, a persistent shortage of skilled professionals continues to undermine progress.

Nearly half of respondents said they lacked the expertise to effectively apply AI for cyber defence, while 41 percent cited broader technical skill shortages, prompting companies to channel more resources into upskilling, automation, and advanced digital security tools.

Based on responses from 3,887 executives across 72 countries, the survey identified AI as the top investment priority for cybersecurity amid escalating threats.

Despite plans to increase budgets, 78 percent of respondents said they expect growth, yet only six percent considered their organisations highly capable of defending across all areas of vulnerability.

“Key weaknesses persist in authentication (55 percent very capable), legacy systems (45 percent), and supply chain security (43 percent),” the report said, adding that AI-driven threat detection remains a focus for nearly half (48 percent) of security leaders.

The study also highlighted that quantum computing is emerging as a growing concern, with 49 percent of respondents yet to begin implementing quantum-resistant measures due to limited understanding and inadequate resources.

Other major risks include cloud vulnerabilities (33 percent) and third-party data breaches (27 percent).

Speaking in an interview on the sidelines of the PwC Cyber Forum in Accra, PwC Ghana’s Country Senior Partner, Vish Ashiagbor, said the findings highlight the level of readiness, or lack thereof, among businesses and societies to address emerging threats.

“What the survey demonstrates, perhaps not surprisingly, because it’s a dynamic field where things are constantly changing, is that there is still quite a gap in how business leaders appreciate the risks their organisations face and the kind of preparedness or resilience they need to build to counter them,” he said.

He noted that cybersecurity should no longer be viewed merely as an IT or technology concern, but as a strategic issue that deserves board-level attention. “Whether regulation can keep pace, or better still, anticipate these risks, is also a major question,” he added.

Mr. Ashiagbor stressed that the skills gap in Africa is particularly worrying, given the increasing sophistication of cyber threats. “Do our people, businesses, and societies have enough awareness and appreciation of the risks, and the skills we need to address them?” he asked.

He expressed hope that the survey findings would stimulate collaboration and knowledge sharing to enhance overall resilience. “I expect that we all continue to learn and share information, but beyond that, act proactively and take these issues seriously, because they have significant implications for all of us,” he said.

Some key highlights of the survey indicated that 78 percent of organisations plan to increase cybersecurity budgets in the next 12 months, with AI investment (36 percent) topping priorities ahead of cloud security (34 percent), network security (28 percent), and data protection (26 percent).

It also showed that only six percent of respondents feel “very capable” of withstanding cyberattacks across all vulnerabilities.

The report noted that skills shortages are hampering AI-driven defence efforts, with half of respondents lacking knowledge of AI applications and 41 percent lacking relevant technical expertise. More than a quarter reported cyber incidents costing over US$1 million, with the technology, media, and telecommunications (TMT) sector and large firms most affected.

The PwC Cyber Forum was held under the theme “New world, new rules: Cybersecurity in an era of uncertainty.”

Also speaking at the event, the Acting Director-General of the Cybersecurity Authority, Divine Selase Agbeti, commended PwC for its role in supporting Ghana’s cybersecurity development and helping institutions strengthen their resilience.

“We are witnessing unprecedented growth in digital finance, electronic payments, cloud migration, smart government services, e-commerce, and online citizen engagement. These developments are transforming our economy and improving service delivery,” he said.

However, he cautioned that every technological advancement expands the attack surface for malicious actors. “As we embrace innovation, we must ensure that security is not treated as an afterthought,” he warned.

Mr. Agbeti noted that reported cyber incidents between January and September this year alone had led to losses exceeding GH?19 million, emphasising that the evolving threat landscape demands new thinking, new capabilities, and stronger collaboration between regulators, businesses, and technology partners.

Partner, Technology Consulting, PwC Nigeria, Femi Madariola, also speaking to journalists, urged businesses and organisations to commit to assessing cyber threats to operations, processes, and critical assets in order to bring in the right controls to ensure protection daily.

The post Costly cyber breaches surge across Africa appeared first on The Business & Financial Times.

Read Full Story