As artificial intelligence adoption accelerates across Africa, cybersecurity experts are warning that organisations may be moving faster than their ability to secure themselves.
Speaking to TechArena on the sidelines of AI Everything Kenya x GITEX Kenya, Moses Munguti, Technical Expert and Team Manager for Africa at Kaspersky, said AI is already reshaping the cyber threat landscape, often in favour of attackers.
“AI is a force multiplier,” Munguti said. “It can be used for good, but attackers are adopting it faster, and that is stretching already limited cybersecurity resources within organisations.”
Rather than introducing entirely new types of attacks, AI is amplifying existing ones. According to Kaspersky data, the company detected an average of 500,000 malicious files per day globally last year. This is a clear signal of the scale and speed of modern threats.
In East Africa, two attack methods continue to dominate: ransomware and phishing.
Ransomware remains highly effective because of its direct financial incentives. Attackers either encrypt critical systems or exfiltrate sensitive data, forcing organisations to pay to regain access or prevent leaks.
Phishing, on the other hand, targets the human layer. “It is often easier to manipulate a user than to bypass a security system,” Munguti noted.
One of the most underreported risks is the rapid rise of what experts call shadow AI where employees use AI tools without formal approval or oversight. Workers are increasingly turning to public AI platforms to complete tasks faster, often without considering the security implications and this is driven by the need for speed and productivity.
“Employees are incentivised for productivity, not security,” Munguti explained. “They will use whatever tools help them achieve their targets.”
This creates a growing visibility gap for organisations, especially when sensitive or proprietary data is shared with external AI systems. In some cases, companies may not even be aware that such tools are being used internally.
AI is also making cyberattacks more convincing and harder to detect. Threat actors are now leveraging tools that enable highly personalised phishing campaigns, voice cloning using minimal audio samples and deepfake content for social engineering.
“Even 30 minutes of voice recording can be enough to create something very convincing,” Munguti said.
This evolution makes traditional awareness strategies less effective, as attackers can mimic trusted voices and communication patterns with increasing accuracy.
The shift to cloud computing and distributed work environments has eroded the traditional concept of a secure perimeter.
“Organisations can no longer rely on a defined boundary,” Munguti said. “Security now has to extend across users, devices and environments.”
This is driving the adoption of approaches such as Zero Trust, where no user or system is automatically trusted and access is continuously verified.
Beyond common threats, Munguti highlighted several areas that remain underprotected across the region. Critical infrastructure, including energy, water, and manufacturing systems, is increasingly vulnerable, despite its importance.
“There are cases globally where entire plants have been shut down due to cyberattacks,” he said.
Supply chain risks are also rising, with attackers targeting third-party vendors as entry points into larger organisations.
To keep pace with evolving threats, organisations need to rethink how they approach cybersecurity. Rather than relying on periodic training or static defenses, experts recommend:
- continuous risk assessment
- automation of known threat detection
- better visibility across systems
- stronger governance around AI usage
Importantly, Munguti emphasised that companies should reduce reliance on users to make security decisions.
“Wherever possible, security controls should remove the need for risky human decisions,” he concluded.
For these and more stories, follow us on X (Formerly Twitter), Facebook, LinkedIn and Telegram. You can also send us tips or reach out at [email protected].
