In light of continued efforts by the Namibian Government to promulgate an effective law that recognises and regulates electronic transactions, cyber security is an emerging topic within the Namibian business environment.
Deloitte Namibia has therefore circulated our annual Corporate Governance Survey to respondents within the public and private sectors of business in Namibia to better understand the governance landscape. A key focus area for governance in Namibia is cyber security and how this is perceived and managed.
Consistent with our findings from the Deloitte Corporate Governance Survey for Namibia for 2019, a study (Africa Cyber Security Report - Serianu) estimated the cost of cyber-related incidents in Africa at a staggering US$3.5bn in 2018, a 75% increase from the previous year. According to industry pundits weighing in on the subject, emerging economies are a favourite target of cyber criminals as they are perceived to be the “low-hanging fruit”. Moreover, another report (ITWeb article here) found Namibia as a key target in Africa.
"Information security governance is a subset of enterprise governance that provides strategic direction, ensures that objectives are achieved, manages risks appropriately, uses organisational resources responsibly, and monitors the success or failure of the enterprise security programme"
- (IT Governance Institute [ITGI], 2006)
Cyber security should be considered a key business risk and managed pervasively by all levels of the entity from the board of directors down to the lowest level of employees. Appropriately managing cyber security plays a pivotal role in the governance of IT and, therefore the function requires C-suite and executive direction and authority. This is in line with the requirements outlined in the NamCode: Chapter 5 and King IV: under principle 12. Not only does this approach aid the strategic alignment of IT to the overall business but also addresses the notion that cyber security is the sole responsibility of the IT function; a tendency that is evident in the 2019 Deloitte Corporate Governance Survey for Namibia.In a time when digitalisation may seem to be an appealing business strategy, the effective governance of cyber security will draw the line between driving business and getting driven out of business. Applying the suggested corrective actions and taking full ownership of your digitalisation strategy will enable Namibian institutions and by inference Namibia as a whole to compete more effectively on a global scale and in the long run, yield positive returns for our people.