According to PwC’s Ghana 2025 Global Digital Trust Insights Survey, only 2% of organizations worldwide have implemented cyber resilience measures across all key areas, underscoring an urgent need for improvement.
This survey, involving over 4,000 business and technology leaders from 77 countries, reveals significant resilience gaps that businesses must close to defend against today’s complex cyber threats.
The report serves as a wake-up call, highlighting immediate action areas for organizations striving to achieve cyber resilience, enhance risk management, and improve leadership alignment.
Speaking at PwC’s Ghana “Leadership Strategies for Cyber Resilience and Growth” breakfast series, Clement Yayra Tettey emphasized the need to integrate cyber resilience into business strategies.
He noted that fewer than half of Chief Information Security Officers (CISOs) are significantly involved in strategic decision-making, despite the rapid expansion of cyber threats driven by advances in AI, cloud technology, and the proliferation of connected devices.
Mr. Tettey remarked, “Many organizations lag in cybersecurity, and bridging the gap between business and technical leaders is essential.” He advised companies to increase security awareness training, establish baseline security protocols, and, particularly for financial institutions, comply with regulatory standards like those set by the Bank of Ghana.
Stephen Cudjoe-Seshie, Cyber Security Authority Lead at National CERT-GH, highlighted the pressing cyber challenges facing Ghana, including online fraud, job scams, and cyberbullying. At an enterprise level, he noted the threats of malware, ransomware, and unauthorized access to executive profiles. Cudjoe-Seshie urged companies to be vigilant in data management and recommended antivirus software and cautious online behavior.
Marco Loots, Director of Cybersecurity at PwC South Africa, stated that cybersecurity must be prioritized alongside operational metrics and ROI. He emphasized the importance of staying updated on cybersecurity trends, understanding competitors’ actions, and investing in the right talent, technology, and tools. Loots warned about the dual risks of ransomware and hack-and-leak attacks, where attackers compromise information and demand payment both to decrypt and remove sensitive data from the internet. The cost of breaches can reach up to $500,000.
Abel Lomotey Daitey, Chief Information Officer at GCB Bank PLC, noted that financial institutions have made progress in cyber resilience but emphasized the need for CISOs to effectively advocate for cybersecurity investments to remain relevant.
Jacqueline Hanson-Kotei, Head of Security for MTN Ghana, stressed that cybersecurity should be ingrained in an organization’s culture. “Everyone should understand and ‘own’ cybersecurity,” she said, adding that leadership must support this foundation.
The survey reveals that organizations are least prepared to address their most concerning threats: cloud-related risks, hack-and-leak operations, third-party breaches, and attacks on connected devices. This disconnect highlights an urgent need for stronger investments in cybersecurity infrastructure and response capabilities to address these vulnerabilities.
By Eugene Davis