Nairobi — Kenya lost approximately Sh21.2 billion to cybersecurity in 2017, second only to Nigeria which lost Sh65.5 billion.
This is according to a Cyber Security report by Serianu which also reveals that Africa lost Sh350 billion to cybersecurity with financial institutions most affected.
The report shows that over Sh18 billion was withdrawn from victim accounts with banks compensating nearly the same amount.
Overall, banks and financial institutions in 10 of the African countries surveyed lost $248 million in 2017 with governments losing $204 million.
The highest cost and threats for financial institutions in relation to cyber crimes came from insider threats, investments in anti-cybercrime technologies, banking malware and ATM skimming.
Nearly 90 percent of the crimes that hit banks went unreported.
Fraud in e-commerce cost companies and individuals $173 million while mobile-based cybercrime cost individuals $173 million.
The direct threats of e-commerce and mobile-based transactions came from online fraud, credit card fraud, SIM card swiping and social engineering where victims were duped to send money.
While launching the Africa Cyber Security report, Serianu Chief Executive William Makatiani said that SMEs in the financial services, micro-finance institutions and SACCOs are the most vulnerable to cyber attacks.
"Businesses within the SME sector are continually automating their processes and as a result, their continued dependency on technology is driving them deeper into risk," said Makatiani.
The survey established SMEs spend a maximum of Sh150,000 annually on cybersecurity technologies and services.
Fake news, insider threat and ransomware were identified as the top cybersecurity trends in 2017.