By CIPESA Staff Writer |
According to the Global Entrepreneurship Monitor, Nigeria is among the countries with the highest number of women entrepreneurs, most of whom conduct their business online. However, with the increasing prevalence of cyber attacks and fraud, the success of women-owned Small and Medium Enterprises (SMEs) in the country is under threat. In Nigeria, Africa’s largest economy, Sophos reports that 71% of businesses were hit with ransomware attacks in 2021.
In 2021, cybercrime caused an estimated USD 4 billion loss for African economies, equivalent to 3.5% of the continent’s USD 115 billion digital economy. Despite significant threats such as online scams, digital extortion, email compromise, ransomware and botnets, Interpol figures indicate that over 90% of businesses on the African continent operate without the necessary cyber security protocols in place.
In a bid to counter such threats, Tech Hive Advisory in partnership with Ikigai Innovation Initiative implemented the Cyber Smart Woman project to build a sustainable digital ecosystem for women entrepreneurs in Nigeria. The three-phase project featured 12 focus group discussions on data governance, cybersecurity challenges, and digital security needs of the women-owned SMEs, followed by four knowledge and skills workshops, and the development of a toolkit on data protection and cyber security practices for sustainability and competitiveness.
Tech Hive Advisory and Ikigai Innovation Initiative were one of ten initiatives awarded grants in the sixth round of the Africa Digital Rights Fund (ADRF). The supported initiatives focused on promoting effective data governance in Kenya, Nigeria and Senegal; countering gendered and election-related misinformation and disinformation in Kenya, South Sudan and Uganda; building digital resilience within the media fraternity in Ghana, Nigeria and Uganda; promoting digital inclusion in Uganda and Kenya; and building grassroots-based movements for internet freedom in South Africa.
The focus group discussions featured participants from various online business sectors, many of whom revealed that they lacked adequate digital protection for their businesses. Up to a quarter of the participants had been direct victims of device theft and cyber attacks such as scams and hacking. As a result, their businesses had suffered monetary loss, reputational damage, and, in extreme instances, loss of online assets such as social media accounts and client databases.
The discussions further revealed that despite the SMEs collecting various personal data, the majority did not include online security or data protection measures within their business strategies. Meanwhile, many clients did not invoke their rights as data subjects, which made their data more susceptible to abuse. Indeed, one participant admitted that she had shared a client’s contact information without permission.
Most of the focus group participants believed that with the appropriate knowledge and skills, business owners, just like data subjects, would be able to minimise vulnerability to cyber attacks and data breaches. Accordingly, four capacity building workshops were convened in four regions – Abuja, Ibadan, Kaduna and Lagos – benefiting 167 SME owners. Topics covered included data protection rights and obligations; compliance with data protection regulations; and cybersecurity best practices.
To complement the training workshops, a toolkit for data protection and cybersecurity was developed and disseminated. The toolkit outlines Nigeria’s data protection frameworks as well as the obligations and compliance requirements for business owners. It also provides tips and resources for data subject access procedures, privacy policies, records of processing activities and retention periods. The second section of the toolkit focuses on cybersecurity, also outlining the prevailing legal and regulatory frameworks, common vulnerabilities, best practice guidelines and resources.
Ayodeji Sarumi, the Co-Founder of Tech Hive Advisory, says the project has equipped female-owned businesses in Nigeria with better approaches to handling data protection and cybersecurity issues, which could be essential for their survival in a highly digitised world where cyber fraud is rampant.