Nelson Kwaje, Cyber Security Analyst at the East Africa Internet Governance Forum in Arusha, Tanzania - COURTESY

A South Sudanese cyber security analyst has said individuals and organizations are not taking cyber security within their practices seriously enough.

Nelson Kwaje made the remarks this week at the 9th East Africa Internet Governance Forum in Arusha, Tanzania.

The forum brought together Information, Communication, and Technology (ICT) experts in East Africa to discuss cyber security in the region.

Speaking during the forum, Kwaje pointed out that Cyber security is still not taken seriously enough not only by individuals but by organizations.

“Cybersecurity is not taken seriously in… I am not talking about the public, but even organizations you deemed to be serious don’t take cybersecurity seriously,” said Kwaje.

“One of the biggest security concerns in cybersecurity is that at least it’s a mainstream issue, but its most misunderstood and also misconstrued subject,

“You find out that cybersecurity is only talked about when there is hacking or when data has been breached so, usually too little, too late.”

Kwaje stated that the most challenging part of the job is educating South Sudanese internet users about cybersecurity.

“In the case of South Sudan, one of the concerns is you take a lot of time educating the users. So, you don’t do fire-fighting cybersecurity response, that you follow cybersecurity hygiene, you do the best practices, and people usually want a quick fix,” said Kwaje.

The 9th East Africa Internet Governance Forum was held between the 10th – 11th of November 2022 at the EAC Headquarters in Arusha, Tanzania.