From Harvard Business Review:
frica is not what you’d call a hotbed of information security (infosec) expertise. Some in the field tell me that in three crucial infosec sub-professions — malware expertise, exploit writing, and cryptanalysis/cryptography — the continent cannot boast of even a single expert of world-class standing.
It might therefore come across as hubristic to suggest that Africa has much to teach a manager laying out the infosec strategy at an enterprise with world-class aspirations. Yet discussions with security specialists have convinced me that Africa might actually a good place to learn about and experiment with novel and exciting notions about corporate infosec.
That’s because corporate infosec strategies in most of the world are designed with 99% focus on impenetrability. Nearly all the resources — time, talent and material — are dedicated to reinforcing and extending perimeters. That may turn out to be a massive misallocation of resources, as I will explain.
Clearly, there are only two inevitabilities: EVERYTHING you own or use will be connected to the “info-grid” and EVERYTHING will be hacked. The only way to break this inevitability cycle is to stop being competitive, innovative and responsive. Which is the same thing as asking you and your company to close shop and pack off to a deserted island.
Continue reading the rest of the story on Harvard Business Review