Lack of experts to tackle sophisticated cyber crimes has been blamed for the increased incidence of cyber attacks in the region.

According to Cisco Annual Cybersecurity Report 2017, organisations are having perennial challenges fighting cyber-crimes because they are not investing enough funds to contain cyber-attacks.

Small or medium enterprise in East Africa have at least one or two of their systems fully exposed on the Internet, with the internal staff unaware of the vulnerability.

The majority of organisations spend less than $5,000 annually on cyber security products while some have no budget and do not train their staff in cyber security.

Cisco Security analyst for Africa Terry Greer King said organisations can reduce their exposure to attacks by separating information technology and security functions.

“Organisations are making their security departments increasingly complex, with most organisations using from six to more than 50 security products, increasing the potential for gaps in security effectiveness, “said Mr King.

According to analysts, most organisations in Africa are ill prepared to deal with information security threats. Mr King said cybercrimes had evolved from individual attacks to organisational ones, adding that one of the widest spread form of threats was ransomware, which is a type of software designed to block a person’s access to their computer system until a certain sum of money is paid, mostly bitcoins. The security analyst said countries holding elections should be on high alert to prevent their systems from being brought down by hackers.

Global financial consulting firm Deloitte, in a report released last week, attributed the high rates of cybercrime to low awareness of threats among local businesses as well as a lack of investment in cyber security.

IT security firm Serianu in a recent report said cybercrime has hit East Africa’s financial institutions with Kenya losing $171 million  to cyber criminals, Tanzania $85 million and Ugandan companies $35 million in the year 2016.