It goes without saying that digital platforms and the everyday use of the internet has become a part of our day to day lives. The use of online platforms has become more and more prominent in all spheres of life stemming from news, education, entertainment and the business world. In the recent past, the business sector has embraced the use of digital platforms with more entrepreneurs realising the importance and convenience that comes with offering online services.
A report titled, “Towards A Flourishing Digital Economy for All – A Spotlight on Africa,” revealed that the volume of e-commerce is expected to rise from $3.3 trillion since 2019 to $7.4 trillion by 2025. Of this, only $180bn was generated in Africa, which shows that there is room for growth on the continent.
Zambia has also experienced a steady growth in products and services being offered online. A study by the International Trade Association reports that since the first outbreak of COVID-19 in Zambia, the use of mobile commerce has increased rapidly, especially in domestic payments retail, wholesale, utility, and obligatory payments to the government. However, the increase in online activities raises the need to understand that cyberspace comes with its own risks and threats.
To understand more on cyber security, we invited Cyber Security Consultant, Alinani Simuchimba for a Q and A session to discuss the opportunities and risks of operating in cyberspace, as well as how entrepreneurs can navigate some of the challenges that lie with running an online business.
Alinani Simuchimba – Cyber Security Consultant
LM: What is Cyber Security and why is it important?
AS: Cyber security is the process of protecting computer systems such as servers. Hence protecting them against cyber threats such as hackers.
LM: What are some of the online threats that lie in various conducting activities such as online businesses?
- Ransomware: Ransomware is on the rise and takes place when one’s computer is hacked to encrypt files. Thus in order for you to have access to your files you need to pay a ransom. Interestingly about 40% of those that have paid ransoms are attacked again as they often become targets of future attacks. It is also not a guarantee that once ransom is paid, information will remain intact as it may often be compromised.
- Social Engineering attacks: Social engineering occurs when a person tries to convince another that they are a legitimate source in order to extract some information. For example, receiving a call to reset your bank password from an unverified source, which then gives hackers access to one’s account. Social engineering accounts for about 49% of all cyber crimes.
- Denial of Service Attacks: This occurs when hackers make a service unavailable in order to disrupt business operations.
LM: What advice would you share with entrepreneurs to ensure that they stay up to date with new security threats and challenges?
AS: I would like to begin by saying, cyber security is not (only) for technical people, it is for everyone. Therefore, these are some of the points of conversations that business owners can have with their developers to help ensure security:
- Ensure that you are using up to date systems and software and are using a firewall.
- Ensure that your team members or employees are trained on cyber security etiquette and things to look out for.
- One of the ways to avoid ransomware is to have regular data backups of the computer systems.
- Ensure that clients use usernames and passwords or “pass phrases’ that are not easy to crack. Therefore avoid using passwords that are just completely composed of text as they are easy to be compromised.
- Use multi-factor authentication in the system. Multi factor authentication is the process through which a user can access using one or more authentication methods.
- Use encrypted data and ensure that access by the user is restricted to their interests on the platform only.
- Avoid using public wifi especially when using banking apps.
LM: What should developers do to maximise security?
AS: Developers should start thinking about security from the time they start designing a system and not as an afterthought. They should further strive to strike a balance between security and functionality.
LM: What are the consequences of a security breach for the consumer or end user?
AS: A breach in security can result in loss of vital personal or financial data that can lead to compromise in livelihood.
LM: Do you have any final words for business people and developers about cyber security?
AS: Yes, we should always ask ourselves how we can make systems secure. Cyber security is a team effort with the aim to find out how systems can be made secure so as to avoid breaches resulting in loss of very vital data. If people would like to find out how best to stay safe online, organisations like the ICT Association of Zambia and the ISACA Lusaka Chapter are available to offer help and assistance.
As BongoHive we are always excited to have conversations that spark positive change leading to viable solutions that change the world. Find out more about our consult services here.