There is a high prevalence of digital security threats and attacks among CSOs in West Africa, following their increasing use of ICTs, even though these threats or attacks manifest differently across countries and by CSO type. With a staggering 31% of CSOs in West Africa reporting having experienced a digital security attack in the last year, the digital security landscape in the region is far from ideal. From computer virus attacks to threats through social media and email, these organisations are facing a variety of digital security challenges. The results showed Nigeria leading the pack with 10.75% of the attacks, with Ghana following closely behind. Unfortunately, these attacks are not just a one-time occurrence, with at least 25% of them happening multiple times in a year. The types of attacks are diverse, ranging from human-caused attacks like phishing campaigns and theft, to technical ones like software and malware failure. Interestingly, the results showed that different types of CSOs experience different types of attacks, with CBOs and Local NGOs experiencing the highest rates of attacks compared to international NGOs. However, there was no clear correlation between the level of digital security and how established a CSO is. These findings paint a picture of an urgent need for digital security awareness and preparedness in the region.

Below are fifteen recommendations to assist nonprofit organisations in their journey towards digital security awareness and resilience.

1. Increase Awareness on Digital Security: CSOs should be made aware of the digital threats that exist and how these threats can harm their organisations. This could be done through workshops, training sessions, and seminars, where digital security experts can share their knowledge and provide practical tips on how to protect against these threats.

2. Invest in Digital Security Infrastructure: It is time for CSOs to cease to be pirates! CSOs who rely on pirated software for their operations need to understand that this software is a direct source of threat to their digital devices and systems. CSOs in West Africa should invest in digital security infrastructure, such as firewalls, antivirus software, and encryption, to protect their digital assets from cyber-attacks.

3. Develop a Computer and Information Security Policy: CSOs in West Africa should develop a computer and information security policy that outlines the security measures and protocols that are in place to safeguard digital assets from digital security threats. It should be communicated to all employees within the organisation to ensure that they understand the contents and their role in maintaining digital security.

4. Train Employees on Digital Security: The analysis has shown that there is a strong interest among CSOs in West Africa in developing their digital security skills and knowledge. It would therefore be important for CSOs to invest in training their employees on digital security, so that they can identify and respond to potential threats.

5. Use Strong Passwords and Authentication Measures: CSOs should implement strong password policies, such as using a combination of letters, numbers and symbols, and regularly update their passwords. They should also use multi-factor authentication measures, such as biometric identification or SMS verification, to ensure the highest level of security for their digital assets.

6. Regularly Backup Data: Regularly backing up data is a crucial step in protecting against data loss, which can occur because of a cyberattack, theft of ICT devices or other means. CSOs in West Africa should consider implementing a regular backup system to protect their data. For example, this can be done by using cloud storage solutions (such as Google Drive, OneDrive or Box).

7. Secure Remote Access: Secure remote access is a crucial aspect of digital security that should not be overlooked by CSOs. With the increasing trend of remote work, employees sometimes need to access their organisation’s systems from remote locations, which exposes the system to various security threats. To address this, CSOs should implement a secure remote access solution such as TeamViewer.

8. Implement Mobile Device Management (MDM): MDM solutions can help CSOs to secure their digital assets and mobile devices. These solutions can ensure that employees’ devices are configured according to the organisation’s security policies and that sensitive data is encrypted to prevent unauthorised access. Moreover, MDM can allow for the remote wiping of lost or stolen devices to prevent data breaches.

9. Monitor Devices: Monitoring devices is crucial for CSOs to detect and respond to security incidents quickly. By continuously monitoring their devices, CSOs can detect unusual activity, such as suspicious network traffic or unauthorised access attempts, and take action to prevent potential threats from escalating.

10. Implement a Disaster Recovery Plan: Implementing a disaster recovery plan is crucial for CSOs to ensure continuity of their operations and minimise the impact of a digital security attack or other disaster. The plan should outline the steps to take in the event of an attack, such as identifying the source and scope of the attack, containing the attack, and recovering from the damage caused. It should also include protocols for restoring systems and data, and for communicating with stakeholders, such as clients, partners, and employees.

11. Regularly Update Software: CSOs in West Africa should regularly update their software, including operating systems, applications, and security software, to ensure that they are protected against known vulnerabilities. For instance, if an organisation fails to update its security software, it may be vulnerable to a new type of malware that exploits a known vulnerability. This can result in data loss, financial loss, and reputational damage.

12. Appoint Cybersecurity Leader: CSOs should appoint a cybersecurity leader who can oversee their digital security efforts, identify potential threats and respond to incidents in a timely manner. This person should be trained and have the necessary resources to effectively manage the organisation’s digital security.

13. Consider outsourcing digital security services: Outsourcing digital security services can be a cost-effective solution for CSOs to address their digital security needs. By outsourcing to specialised companies, CSOs can access expert skills and knowledge that may not be available in-house and ensure that their digital security measures are up-to-date and effective.

14. Collaborate with relevant stakeholders: By collaborating with government agencies, private sector companies, and other CSOs, organisations can share information and resources on digital security best practices, and collectively pool efforts in preventing and responding to digital security threats. This collaboration will help to promote a culture of digital security awareness and enhance the capacity of CSOs to address digital security threats effectively.

15. Regularly review and update security practices: As the digital landscape is constantly evolving, the risks and threats facing organisations also change. This means that CSOs must be proactive in their approach to digital security and stay informed about the latest threats and risks. Encouraging CSOs to regularly review and update their digital security practices will help ensure that they are well equipped to respond to evolving risks and threats. This can involve regularly conducting security audits, using software and tools to monitor their digital systems, and updating their digital security policies and procedures.

✅ For more practical cybersecurity tips, register to our free, self-paced course on Digital Safety and Security: