African organizations are increasingly falling victim to cyberattacks, resulting in data compromises and significant financial losses. These attacks are becoming more frequent and sophisticated as hacker groups now use artificial intelligence to carry them out. In this interview, Brendon MeyerSenior Solutions Engineer at Beyond Trust, shares his assessment of this growing challenge and the future of identity security in Africa. He also discussed his company’s solutions and what organizations and governments need to do to minimize attacks, among other related issues. AMAKA ANAGOR-EWUZIE brings the extracts:
How would you assess the state of cybersecurity in Africa, with a focus on identity security?
The cybersecurity landscape in Africa and Nigeria is constantly evolving. Every day, new types of attacks emerge, whether it is ransomware, phishing or social engineering.
That said, from a regulatory perspective, it is commendable how many African countries are using their regulatory capacities to address many cybersecurity issues to strengthen their security. This unfortunate challenge is due to the fact that infrastructure remains a challenge in the cybersecurity space.
From our interactions with our customers across Nigeria, we find that many of them do not understand how they can use identity security best practices to strengthen their security posture.
What does Beyond Trust do differently that sets it apart from other identity and access security solutions companies around the world?
Beyond Trust is a cybersecurity company. While many other companies provide similar security services, what sets us apart when it comes to security is simply the different approach we take to the market.
We have an identity-centric approach, meaning our focus on identity security and the measures we put in place to strengthen organizations and personal identity security practices, make us unique when addressing cybersecurity threats in today’s modern landscape.
Beyond Trust is different because we prioritize identity security as a technology provider. We have differentiated ourselves from an innovation perspective because we are constantly innovating, acquiring new technologies, and developing specific technologies to help us strengthen our identity security in dialogue with our existing customers.
Additionally, one of Beyond Trust’s key differentiators is that we are a global company, but we have a local presence in countries across the African continent. We have built our capabilities and leveraged our partner ecosystem in each of these countries. In Nigeria, we are advancing the identity security conversation daily and leveraging the advanced skills that Nigerians can offer us.
The recent Africa Cyber Threat Assessment Report indicates that Morocco, South Africa and Nigeria are the countries most attacked by Trojans. What is the latest news and what are the next steps?
The cybersecurity report in question highlights the need for organisations to adopt a strategic and multidimensional approach to cybersecurity, particularly in the African region.
If we look at the sophistication of Trojan attacks as a concept, we see a massive increase in their frequency and sophistication, which underscores the fact that attacker and hacker groups are benefiting from better funding, skills, and are partnering with artificial intelligence to improve their ability to launch these Trojan-based attacks.
They’re also getting smarter in targeting specific industries and people, while working to mitigate those risks, which has become difficult for many organizations because they don’t necessarily know. They can take security awareness training, but in many cases, these types of advanced attacks become difficult.
As a specialist company, Beyond Trust differentiates itself by its identity-centric approach that allows us to specifically target these attackers across malware-based attacks and Trojan horse attacks. We also see these attackers delivering ransomware as a service, and we also see advanced conversations around persistent threats, particularly around cybersecurity, where they are constantly targeting organisations and therefore trying to find these vulnerabilities in your environment.
We observed from the data that attackers have not decreased their attacks; we have seen a significant increase in identity-based or privileged identity-based attacks as well as remote code execution.
From a specialist perspective, businesses need to have an endpoint protection solution that rethinks how malware can be deployed or executed. There are several ways to approach this in cybersecurity.
Read also: Cybersecurity: The role of AI in safeguarding Africa’s digital future
Cybercriminals have adopted increasingly creative and sophisticated methods to attack unsuspecting organizations. How can organizations best anticipate this situation?
We recommend a three-pronged approach to most of our clients to help them prepare for any attack. First, we recommend that organizations and individuals be proactive.
Businesses need to take a proactive approach to security, identifying these threats earlier in the attack lifecycle. When organizations detect these potential security risks faster, they experience fewer breaches.
It is also worth noting that organizations have moved away from a perimeter and endpoint-based approach to an identity-based approach. The shift from a traditional approach to cybersecurity to an identity-based approach has significantly strengthened and refined the security posture of these organizations when it comes to preventing or at least minimizing attacks and the risks associated with them.
The third part of the multi-pronged approach is to take a blended approach of prevention and detection to proactively stop these attacks. This helps eliminate blind spots that these organizations may face.
There is also a need for African organizations to partner with artificial intelligence to make their job easier and improve the detection of these threats.
What plans does your company have to create more opportunities for human capital development in Africa?
When it comes to identity-based attacks, we see in many cases that humans can be the weakest link, and attackers focus their efforts on identity because they see that humans are the weakest link.
When it comes to human capital development, there is no better way to build security capabilities than through people. At Beyond Trust, our human capital is our greatest asset, especially when it comes to solving these challenges and meeting the advanced cybersecurity demands we face in today’s world.
As an organization, we are building our capacity by trying to get our name out there. We have embarked on a roadshow in West, East and Central Africa, where we have visited different countries like Nigeria, Kenya and Tanzania.
As a company, we are ready to go out and meet our customers and build our partner ecosystem, because trust is ultimately earned. We leverage the fact that we need to be present in these countries and show our presence there.
Beyond Trust is present in the West, the East and Africa. We are also fully present in Morocco, Tunisia, Ivory Coast, Algeria and other regions where we have some of the largest customers in the world using our technology. We are leveraging our capabilities on the African continent to differentiate ourselves.
People are our greatest asset when it comes to using the knowledge and skills that we have on the African continent, and it is one of the greatest untapped resources that we can utilize.
How do you leverage your extensive network and industry expertise to deliver tailored identity security solutions to help organizations protect their digital assets?
Beyond Trust has a network of identity security specialists and experts around the world. We can share and guide our customers in many ways when it comes to building their capabilities and strengthening their security posture in the identity space.
As a security solutions provider, we can align our operations by leveraging our clients’ existing investments across the African continent. We understand that many organizations have limited budgets and resources, and this is where we differentiate ourselves as we leverage existing investments and technologies.
What do you see as the future of identity security in Africa and Nigeria, given the many challenges facing the continent?
The future of identity security in Africa and Nigeria in particular is about to change. With legal and regulatory reforms, the Central Bank, the IT Standards Master Plan that Nigeria released in 2019, the Criminal Law Act 2015 and the Nigerian Data Protection Act, there is a great push to improve cybersecurity, governance and risks associated with the challenges we face.
If I have to talk about a possible future in identity security, I think the challenges can be addressed by teaming up and working with artificial intelligence and machine learning capabilities and building on its capabilities.
Thus, adopting a research-based approach to artificial intelligence and leveraging its capabilities through identity threat analysis and detection will help address these future challenges.
Where do you see your operations in Africa in the next five years?
Over the next five years, Beyond Trust as a company will expand to more countries around the world. Since 2023, we have been expanding our capabilities in Africa.
We aim to reach out to an even larger number of customers on the African continent, particularly in Nigeria. Through our various solutions, we aim to play an advisory role to most of our existing customers, guiding them through the complex field of cybersecurity.
Beyond Trust believes that by having a better and closer relationship and guiding our existing customers through a technology provider, we will be there as the most innovative organization in the identity security space.
Additionally, I expect the company to leverage this capability and expand its customer security posture over the next five years.