Cyber threats Africa faces are unique – African surveying needs to be too: Early survey results prove it

The Africa Human Risk Management Survey 2025. (Image: KnowBe4)

---

Preliminary results from the Red Ribbon Insights Africa-wide Human Risk Management Survey have already highlighted very unexpected realities faced by cyber security decision-makers on the continent. Yet, the real take-away is how valuable targeted, industry-specific surveying is for identifying how trends differ across regions.

Red Ribbon Insights, the newly launched surveying and market research division of Red Ribbon Communications, recently started gathering responses from top cyber security decision-makers in Africa to understand the unique human risk landscape they face.

The Africa Human Risk Management Survey 2025 is sponsored by KnowBe4 Africa, the renowned cyber security platform that addresses comprehensive human risk management.

One of the most striking trends emerging from responses so far is how much faith CISOs and security awareness leads are placing in the tech professionals they employ, without hedging against potential issues.

Senior cyber security managers across Africa have submitted survey responses that show something unexpected: the tech industry itself seems to be where the biggest disconnect between cyber security awareness and responsible practices lies.

Respondents in the tech industry report the second lowest rate of having defined processes for employees to report security incidents within their organisations – a rate topped by seven out of eight other surveyed industries.

However, these same tech industry respondents report that their employees have very high levels of awareness about their organisations’ cyber security policies and procedures.

This may indicate a trend where tech employees have very high levels of awareness of cyber security policies, procedures and threats, but aren’t subjected to as much formal reporting or device management processes as in other industries.

Africa’s tech industry is burgeoning, but key traits of the cyber security environment these organisations operate in remain unexplored due to many generalisations or unspecific focuses on the distinct factors at play in the unique space organisations operate in on the continent.

It is only through inputs from targeted respondents in targeted industries that are in a targeted area or environment where actionable insights can be sourced that add new dynamics to conventional understandings.

Call to action: Are you an IT or cyber security decision-maker in Africa? The Africa Human Risk Management Survey 2025 is still accepting responses until 30 March 2025. Share your experiences, observations and insights and contribute to building an Africa-first perspective on human cyber security risk. 

You can seamlessly take the survey here, and by participating, you'll contribute to a valuable resource for the African cybersecurity community and receive the comprehensive Africa Human Risk Management Report 2025.