Finance, government and fintech sectors face highest cyber losses in Africa — Report
The report says critical-infrastructure sectors (energy, manufacturing) exhibit fewer but higher-impact incidents due to operational-technology vulnerabilities.
Financial services, Government services and fintech/digital payments platforms top the list of sectors facing the highest distribution of cyber incidents and losses in Africa, a new report has revealed.
This is according to the annual Africa Cybersecurity Report (2025) published by the Africa Cyber Immersion Centre (ACIC).
More To Read
- Kenya calls for united African front against rising cyberthreats as regional forum opens in Nairobi
- Activist petitions IEBC to prove security of election systems amid spyware, AI threats
- CBK launches new cybersecurity centre to combat rising financial sector threats
- Kenya hit by 2.5 billion cyber-attacks in three months, facing crippling skills gap
- 1,200 arrested, Sh12 billion seized in major Interpol cybercrime crackdown across Africa
- Kenyan banks tighten oversight of third-party tech firms amid rising cyber threats
The attacks targeting the three industries occur in the form of payment fraud, credential compromise, ransomware, data exposure, service disruptions, API abuse and mobile money fraud, among others.
As a result, finance, government, fintech, telecoms, and healthcare account for 70 per cent of total incidents and losses.
"Fraud-driven scenarios dominate, while ransomware and supply-chain attacks cause the largest single-event costs. Public-sector exposure continues to expand as e-government and cloud-migration projects outpace control maturity," says the report.
Other highly targeted sectors are the telecommunications where attacks range from Distributed Denial of Service attacks (DDoS), SIM-swaps, signalling system exploitation; Healthcare services with ransomware and PII-breaches (unauthorised and malicious access, acquisition or disclosure of Personally Identifiable Information); ICT service providers and the e-commerce sector (through card-not-present-fraud and fake merchant scams).
Other targeted areas are education and research institutions (via phishing, credential theft and web defacement), manufacturing and industrial operations (through OT- and supply chain breaches), as well as the energy sector (through supervisory control and data acquisition as well as grid-control targeting).
The report says critical-infrastructure sectors (energy, manufacturing) exhibit fewer but higher-impact incidents due to operational-technology vulnerabilities.
"Africa's cyber-risk concentration mirrors its digital-adoption curve: the sectors enabling commerce and citizen services attract the most attacks. Financial institutions remain the continent's security bellwether, while healthcare and industrial operations face rising risks from interconnected systems. Improving cross-sector visibility, data-governance discipline, and business-continuity readiness will determine whether rising investment yields measurable resilience gains in 2026," the report adds.
In the year under review, 2025/2025, threat activity was dominated by identity-centric attacks, vulnerability exploitation, and social-engineering campaigns.
"Attackers increasingly combined phishing, credential theft, and ransomware into hybrid operations targeting financial and governmental ecosystems. The following table reflects modelled proportions of incident frequency and relative loss magnitude across the five in-scope economies," it further says.
The attacks have contributed to losses like direct expenditures related to incidents response, remediation (via eg infrastructure modernisation) and productivity losses (from business interruption and service degradation) followed by direct financial theft (through unauthorised transfers and compromised accounts (leading to loss of trust in the affected brand) and contractual and third party liabilities (such as Service Level Agreement (SLA) penalties and partner compensation following service disruption) among others.
"Africa's cyber-loss economics reveal that containment and continuity expenditures dominate post-incident spending. Proactive investment in rapid-response playbooks, business-continuity automation, and fraud-prevention analytics can significantly reduce recurring costs. Organisations should treat post-incident recovery budgets as measurable resilience metrics, not exceptional expenses," the report adds.
The report concludes that Africa's threat landscape reflects a maturing yet uneven defensive posture as automation, credential abuse, and social manipulation outpace traditional controls.
It notes that internet penetration is presenting a dual impact on one side, promoting gains in the economy while at the same time posing major threats to it.
"Africa's cyber-risk profile in 2025 reveals a structural challenge: the same vulnerabilities that drive efficiency, interconnected systems and rapid digitisation also magnify incident impact. Improving identity assurance, data-integrity controls, and third-party oversight will deliver the highest resilience gains. Organisations should embed continuous testing and immutable-backup frameworks to maintain business continuity under disruption," the report says.
It calls for enhancing identity governance, vulnerability prioritisation, and real-time telemetry correlation will deliver the most measurable reduction in both incident frequency and loss severity by 2026.
Top Stories Today
