Prosper Ndlovu, Feature
THE digital revolution is unstoppable and no one wants to be left behind. Its spectacular transformative impact across the spectrum compels businesses across the globe, governments, regulatory bodies, individuals, and lobby organisations to scale up their online presence to harness associated benefits.
Communication speed capacity, ease of networking, automation efficiencies, enhanced data storage, inclusion derived from decentralisation, transparency, improved compliance enforcement, cost-cutting, versatile working, widening of job opportunities, and access to educational information, are some of the hallmarks of digitisation.
These incentives create a case for mainstreaming a digital strategy first in governance and corporate operations. For the United Nations and global development agencies, digital advances hold the key to driving accelerated attainment of all 17 Sustainable Development Goals by 2030.
In Zimbabwe, the Government has identified the digital economy as one of the key economic growth focus areas to achieve national commitments of elevating the country towards sustainable growth while ensuring fair and equitable distribution of resources across income groups.
Hence the National Development Strategy (NDS 1) blueprint recognises Information and Communication Technologies (ICTs) as the anchor towards the attainment of a digital economy, leading to both economic and social transformation earmarked under Vision 2030.
Embracing digital technology is, however, being marred by increasing incidents of cybercrime across the globe, Zimbabwe included, which demand that businesses and governments raise their security game or risk the devastating impacts caused by cyber criminals. Given the rising value of data, addressing data protection and cybersecurity gaps should be at the top of any company’s list so as to minimise associated risks, says Liquid Intelligent Technologies (Liquid) regional chief executive officer for Central Africa, Mr Wellington Makamure.
“Millions of people are unaware of how their digital activity and personal data are being collected and shared with large corporations,” he says.
“With cyber threats constantly increasing, and hackers targeting corporations, SMMEs, NGOs, governments, emergency services, and individuals daily, taking steps to ensure our digital privacy and digital security has never been more important.”
From a legislative point of view, the country has adequate policies and laws to support the digital economy while tackling data breaches so as to improve smooth public and private sector online operations, says Postal and Telecommunications Regulatory Authority of Zimbabwe (Potraz) director general, Dr Gift Machengete.
The enactment of the Data Protection Act in 2021, for instance, is one of the bold steps by the Government in response to the realities of cybersecurity threats. The Act aims to safeguard users in cyberspace with due regard to the Declaration of
Rights under the Constitution and the public and national interest while creating a conducive technology-driven business environment.
Through consolidating several pieces of legislation that govern cyber security and data protection, the Data Protection Act seeks “to increase data protection in order to build confidence and trust in the secure use of information and communication technologies by data controllers, their representatives and data subjects”.
Technology experts are of the view that legislative pronouncements alone may not win the battle if not buttressed by higher levels of public awareness and proactive steps at individual and organisational levels. It is at this point that Mr. Makamure, who oversees Botswana, DRC, Zambia, and Zimbabwe and is also deputy CEO of Liquid networks for the rest of Africa, believes more still needs to be done.
Armed with vast technical experience in the telecoms sector spanning over 40 years, and being directly responsible for the leadership, strategic, and operations management of Liquid Intelligent Technologies Zimbabwe, Mr. Wellington Makamure (WM) shares key cybersecurity insights drawn from his heavy involvement in the planning, setting up, and building of the Liquid network and business in Zimbabwe from the onset.
Below he responds in detail to critical questions asked by Business Chronicle (BC) about cyber security and data privacy issues in the Zimbabwean context.
(BC) Please explain to audiences what data privacy and data security mean?
(WM): Data privacy is the ability of a person to control their personal data, the discipline to keep data protected from outside access. It is a branch of data security that deals with the proper handling of data.
On one hand, data security protects digital information from corruption, theft, and unauthorised access. It entails the protection of data on hardware and software devices, the administration of controls, and security for devices.
(BC): What is the level of awareness around data security and cyber security in the country?
(WM): While Zimbabwe and Africa have begun the conversation around cyber security in recent years, especially as incidents of hacking and leaking of private information, there is still a lot that needs to be done. A recent report released by Interpol has thrown a spotlight on Africa’s cyber security shortcomings.
The continent boasts rapidly growing mobile and internet networks. On top of that, online financial services are used more widely in Africa than anywhere else in the world – this is particularly true in Zimbabwe, where 96 percent of all financial transactions are conducted online.
However, due to low investment in cyber security measures and a widespread lack of understanding about the potential dangers of conducting business, administrative and personal activities online, many sectors in Africa are targets for cybercriminals – government, telecoms, education, health, finance, and SMEs among them.
(BC): How prevalent are cases of cyber security breaches in Zimbabwe?
(WM): As Zimbabwe moves towards being a cashless society, the finance sector is facing an increasing amount of cybercrime, including phishing and bank card cloning – both of which are rising. As more and more young people spend time online, the conversation about data privacy and security at a personal level is becoming more pronounced as we can see from incidences of personal/private data leakages.
(BC): What are the common cyber security areas of concern in Zimbabwe?
(WM): Liquid Intelligent Technologies (Liquid), a business of Cassava Technologies, in its annual cyber security report for 2021 listed the top four concerns around cyber security in Zimbabwe for 2021 as malware and ransomware, email attacks, social engineering, and data breaches.
Despite this, the same report reveals that Zimbabwean businesses allocate limited budgets to cyber security despite the findings demonstrating that cyber security threats are indeed very real. Everybody who goes online needs to be vigilant.
(BC): What needs to be done to address this challenge?
(WM): There is a need for increased awareness at every level about data privacy and security. There is also a need for increased investment in cyber security by organisations. Businesses need to stop seeing IT as cost centres.
It’s no longer the time to be ignorant. Everyone who goes online for business or personal reasons needs to be vigilant.
Some of the solutions you can use to keep your data protected and private include: anti-virus software, firewalls, secure email, password managers, and cyber security solutions suites.
In the end, cyber security measures are only as good as the people who use them. Therefore, it is essential at a personal level whenever you are online to: be aware of threats to your data privacy, be mindful of cyber security best practices, be willing to learn and train in the discipline and strengthen your protection in the online space.
Essentially, all users need to keep themselves updated on cybersecurity best practices and open up to learning and training as a way of strengthening their digital privacy. There are many tips and tricks you can learn online and add to your security arsenal.
These include using strong passwords, not using the same passwords across multiple accounts, keeping your apps up to date, never giving out personal information, and avoiding clicking on links in emails from parties you don’t recognize.
The engagement with Mr Makamure was done on the back of International Data Privacy Week (24 to 28 January) and Safe Internet Day (7 February), which are part of international efforts to create awareness about digital data privacy, and how data is being used and sometimes exploited by businesses.
The campaigns call on businesses to respect the privacy of individuals and to be more transparent about how they handle user data. The aim is to give the power to control data privacy back to the users.