Evolving cybersecurity threats and associated financial losses in small and medium enterprises (SMEs) across Africa's six regional geographic blocks (RGBs), namely, East Africa, West Africa, North Africa, Southern Africa, Central Africa and the Diaspora, are examined in this study. SMEs (both local and in the diaspora) contribute significantly to employment, innovation and local economic development through remittances, as well as to the overall gross domestic product (GDP) of Africa and its RGBs. Despite their importance, SMEs often face structural vulnerabilities in their accounting and financial systems, exposing them to cyber threats and resulting financial losses. Many SMEs lack the technical knowledge, internal controls and financial intelligence required to safeguard their digital financial databases.
The increasing digitisation of SME financial operations – through mobile and online banking platforms, cloud-based computing, accounting software and integrated digital payment systems – has further amplified exposure to cyber risks. In this study, SME cybersecurity risk is explicitly situated within the accounting discipline, linking theoretical frameworks to empirical observations of overt financial losses. Criminology theories are explored to understand the nature and typology of cyber perpetrators and their continued reorganisation. Cybersecurity frameworks such as the National Institute of Standards and Technology (NIST) and ISO 27001, alongside cyber risk management theory (including game theory), are applied to the typology as a proactive measure against emerging threats from cyber syndicates operating in business ecosystems.
Through established cybersecurity frameworks, the study demonstrates how financial intelligence can be applied to identify, prevent and mitigate threats to financial assets while ensuring regulatory compliance. A qualitative case study design was adopted, guided by a pragmatist lens. The methodological approach comprised secondary data collection, deductive reasoning, and both literal and theoretical replication. Secondary data enabled broad comparative analysis across geopolitical, economic and technological contexts, strengthening analytical generalisability. Methodological rigour was ensured through systematic thematic synthesis guided by Gioia's inductive coding logic and Eisenhardt's theory-building approach, despite the absence of direct organisational-level validation. Data analysis was carried out by means of interactive tools (World Data, ENACT Organised Crime Index) and modelling software for data visualisation (PlantUML, Excel, HTMLMinifier, CSSNano).
The findings indicate that SMEs experience substantial financial losses as a result of both single-vector and multi-vector cyberattacks, affecting fiat currency, digital assets and accounting records. Through a cross-sectional analysis of the periods pre-, during and post-COVID-19, the most common cyberattacks affecting SME financial sustainability were identified. Malware, ransomware, distributed denial-of-service (DDoS) attacks, supply chain disruptions, business email compromise and data breaches emerged as prevalent cyber threats across SMEs. Digitisation, transnational cybercrime and increased surface and deep web activity have intensified financial leakages in SMEs. Cyber risks and attacks were mapped further, revealing patterns of fraudulent activity, cyber intrusion and operational disruption, as well as evolving cyber mafia structures that threaten the cash flow and overall financial stability of SMEs and, by extension, regional GDP. Game theory is identified as a suitable approach to cyber risk management. It is particularly valuable for sustainability given the evolving nature of cyber threats and the continual adaptation of cyber syndicates and their techniques.
This study makes several novel contributions to accounting sciences and financial intelligence. First, it proposes a cybersecurity-related SME typology grounded in thematic analysis rather than purely technical classifications, thereby bridging criminology, governance and financial risk disciplines. Second, it introduces a structured nomenclature and a twelve-category cybersecurity typology that reconceptualises cyber risk as a strategic governance and financial decision-making issue. Third, it operationalises this typology through a self-designed Cyber Typology Identification Checklist (CTIC), a diagnostic tool enabling SMEs to profile risk exposure, and a REALM framework that informs cybersecurity investment decisions and justifies expenditure using game-theoretic cost–benefit reasoning. This study relies exclusively on secondary data as a deliberate and theoretically justified methodological choice. The cross-regional scope of the six African RGBs and the sensitivity of cybersecurity disclosures among SMEs limited the feasibility of primary data collection due to access constraints and underreporting risks. Recommended measures, based on the self-designed Three Pillar Cybersecurity Recommendation Model provided in the study, include internal controls encompassing people-related, governance and technical measures (network domains, cloud solutions, hardware, software), integrated within a cybersecurity framework. These measures are reminiscent of information technology audit approaches that integrate preventive, detective and corrective controls to ensure the integrity, reliability and resilience of systems.
The study also provides both free and enterprise (paid) solutions that SMEs can adopt individually or through partnerships, alongside recommendations for harmonised legislation across the RGBs to enhance resilience and reduce financial losses. These solutions are intended to equip SMEs with the tools and insights needed to recognise, quantify and mitigate financial risk, thereby strengthening financial governance and accountability. Financial auditors, investors and SME owners can leverage the CTIC and the proposed typology to mitigate cyber and financial risks, to implement proactive measures for protecting capital, to preserve accounting integrity and to promote sustainable growth across the region.
Kulolu cwaningo, izinsongo zokuphepha kwe-inthanethi ezishintshashintshayo kanye nokulahlekelwa kwezimali okuhambisanayo emabhizinisini amancane naphakathi nendawo noma i-Small to Medium Enterprises (ama-SME) kuzo zonke izindawo eziyisithupha zesifunda sase-Afrika ezaziwa ngokuthi yi-regional geographic blocks (ama-RGB), okungukuthi, iMpumalanga Africa, iNtshonalanga Afrika, iNyakatho Afrika, iNingizimu Afrika, i-Afrika Ephakathi kanye ne-Diaspora, kuyahlolwa. Ama-SME (asendaweni kanye nakwa-diaspora) anegalelo elikhulu emisebenzini, emisha kanye nentuthuko yezomnotho wendawo ngokusebenzisa imali ethunyelwayo, kanye nomkhiqizo wezwe jikelele noma i- gross domestic product (i-GDP) yase-Afrika kanye nama-RGB ayo. Naphezu kokubaluleka kwawo, ama-SME avame ukubhekana nobuthakathaka besakhiwo ezinhlelweni zawo zokubala kanye nezezimali, okubabeka engozini becyber kanye nokulahlekelwa kwezezimali okubangelwa yiwo. Ama-SME amaningi antula ulwazi lobuchwepheshe, ukulawula kwangaphakathi kanye nobuhlakani bezezimali obudingekayo ukuvikela izizindalwazi zawo zezimali zedijithali.
Ukwanda kokwenziwa kwedijithali kwemisebenzi yezezimali ye-SME - ngokusebenzisa amapulatifomu ebhange eselula nakwe-inthanethi, ukubalwa kwekhompyutha okusekelwe efwini, isofthiwe yokubala kanye nezinhlelo zokukhokha zedijithali ezihlanganisiwe - kuye kwandisa kakhulu ukuchayeka ezingozini ze-cyber. Kulesi sifundo, ingozi yokuphepha kwe-inthanethi ye-SME ibekwe ngokusobala ngaphakathi komkhakha wokubala, ixhumanisa izinhlaka zethiyori nokubonwa okubonakalayo kokulahlekelwa kwezezimali okusobala. Imibono yobugebengu iyahlolwa ukuze kuqondwe uhlobo kanye nohlobo lwabenzi bokuphepha kwe-inthanethi kanye nokuhlela kabusha kwabo okuqhubekayo. Izinhlaka zokuphepha kwe -inthanethi ezifana ne-National Institute of Standards and Technology (NIST) kanye ne-ISO 27001, kanye nethiyori yokuphathwa kwengozi yokuphepha kwe-inthanethi (kufaka phakathi ithiyori yomdlalo), zisetshenziswa kuhlobo njengesinyathelo sokuvikela izinsongo ezivela kumaqembu okuphepha kwe-inthanethi asebenza ezindaweni zebhizinisi.
Ngokusebenzisa izinhlaka zokuphepha kwe-inthanethi ezisunguliwe, lolu cwaningo lubonisa indlela ubuhlakani bezezimali obungasetshenziswa ngayo ukuhlonza, ukuvimbela nokunciphisa izinsongo ezimpahleni zezimali ngenkathi kuqinisekiswa ukuhambisana nomthetho. Kwamukelwa umklamo wesifundo sesigameko esifanele, oqondiswa ilensi yokusebenza. Indlela yokwenza yayihlanganisa ukuqoqwa kwedatha yesibili, ukucabanga okusekelwe ekucabangeni, kanye nokuphindaphinda okungokoqobo nokwemfundiso. Idatha yesibili ivumele ukuhlaziywa okubanzi kokuqhathanisa kuzo zonke izimo zezwe, ezomnotho kanye nezobuchwepheshe, okuqinisa ukuguquguquka kokuhlaziya. Ukuqina kwendlela kwaqinisekiswa ngokuhlanganiswa kwezihloko okuhlelekile okuqondiswa yilojikhi yekhodi yokufundisa kaGioia kanye nendlela yokwakha ithiyori ka-Eisenhardt, naphezu kokungabikho kokuqinisekiswa okuqondile kwezinga lenhlangano. Ukuhlaziywa kwedatha kwenziwa ngamathuluzi asebenzisanayo (Idatha Yomhlaba, Inkomba Yobugebengu Obuhleliwe ye-ENACT) kanye nesofthiwe yokwenza amamodeli yokubuka idatha (PlantUML, Excel, HTMLMinifier, CSSNano).
Okutholakele kubonisa ukuthi ama-SME abhekana nokulahlekelwa okukhulu kwezezimali ngenxa yokuhlaselwa kkokuphepha kwe-inthanethi ngevektha eyodwa kanye ne-amavektha amaningi, okuthinta imali yefiyethi, izimpahla zedijithali kanye namarekhodi ukubalwa kwezimali. Ngokuhlaziywa kwesigaba esibanzi sezikhathi zangaphambi, ngesikhathi nangemuva kweKhuvethi, ukuhlaselwa kwokuphepha kwe-inthanethi okuvame kakhulu okuthinta ukusimama kwezezimali ze-SME kwatholakala. I-Malware, i-ransomware, ukuhlaselwa kwe-distributed denial-of-service (DDoS), ukuphazamiseka kwe-supply chain, ukuvumelana nge-imeyili yebhizinisi kanye nokwephulwa kwedatha kwavela njengezinsongo zokuphepha kwe-inthanethi ezivame kakhulu kuwo wonke ama-SME. Ukwenziwa kwedijithali, ubugebengu besayibha bamazwe ngamazwe kanye nomsebenzi ongaphezulu kanye nomsebenzi wewebhu ojulile kuye kwaqinisa ukuvuza kwezezimali kuma-SME. Izingozi zesayibha kanye nokuhlaselwa kwadwetshwa kabanzi, kwaveza amaphethini emisebenzi yokukhwabanisa, ukungena kwe-sayibha kanye nokuphazamiseka kokusebenza, kanye nezakhiwo zesayibha mafiya ezishintshayo ezisongela ukuhamba kwemali kanye nokuzinza kwezezimali kwama-SME kanye, ngokwandisa, i-GDP yesifunda. Ithiyori yomdlalo ibhekwa njengendlela efanelekile yokuphathwa kwengozi yesayibha. Iwusizo kakhulu ekuzinzeni ngenxa yokuguquka kwezinsongo zesayibha kanye nokuzivumelanisa okuqhubekayo kwenhlangano yesayibha kanye namasu awo.
Lolu cwaningo lwenza iminikelo eminingana emisha kwezesayensi yezimali kanye nobuhlakani bezezimali. Okokuqala, luphakamisa uhlobo lwe-SME oluhlobene nokuphepha kwesayibha olusekelwe ekuhlaziyweni kwezihloko kunokuba kube ukuhlukaniswa kobuchwepheshe kuphela, ngaleyo ndlela luhlanganisa ubugebengu, ukuphatha kanye nemikhakha yobungozi bezezimali. Okwesibili, lwethula igama elihlelekile kanye nohlobo lokuphepha kwe-inthanethi bezigaba eziyishumi nambili oluqonda kabusha ubungozi besayibha njengenkinga yokuphatha isu kanye nokwenza izinqumo zezezimali. Okwesithathu, lusebenzisa lolu hlobo ngokusebenzisa Uhlu Lokuhlola Lokuhlonza Uhlobo Lwe-Cyber oluziklamele lona noma i-Cyber Typology Identification Checklist (i-CTIC), ithuluzi lokuxilonga elivumela ama-SME ukuthi abonise ukuvezwa kobungozi bokuphepha kwe-inthanethi, kanye nohlaka lwe-REALM oluqondisa izinqumo zokutshalwa kwezimali kokuphepha kwe-inthanethi futhi luthethelele ukusetshenziswa kwemali kusetshenziswa ukucabanga kwezindleko-inzuzo okusekelwe kumdlalo. Lolu cwaningo luthembele kuphela kudatha yesibili njengokukhetha okuhlosiwe futhi okunesizathu ngokwemfundiso. Ububanzi bezifunda eziyisithupha zase-Afrika kanye nokuzwela kokudalulwa kokuphepha kwe-inthanethi phakathi kwama-SME kunciphise ukuqoqwa kwedatha eyinhloko ngenxa yemikhawulo yokufinyelela kanye nezingozi ezingabikwa kahle. Izinyathelo ezinconyiwe, ezisekelwe kuModeli Yezincomo Zokuphepha KweSayibha Ezinezinsika Ezintathu eziklanyelwe zona ezinikezwe ocwaningweni, zifaka phakathi izilawuli zangaphakathi ezihlanganisa izinyathelo ezihlobene nabantu, zokuphatha kanye nezobuchwepheshe (izizinda zenethiwekhi, izixazululo zamafu, ihadiwe, isofthiwe), ezihlanganiswe ngaphakathi kohlaka lokuphepha kwesayibha. Lezi zinyathelo zikhumbuza izindlela zokuhlola ubuchwepheshe bolwazi ezihlanganisa izilawuli zokuvimbela, zokuhlola kanye nezokulungisa ukuqinisekisa ubuqotho, ukuthembeka kanye nokuqina kwezinhlelo.
Lolu cwaningo luphinde lunikeze izixazululo zamahhala nezebhizinisi (ezikhokhelwayo) ama-SME angazamukela ngawodwana noma ngokubambisana, kanye nezincomo zomthetho ovumelanisiwe kuwo wonke ama-RGB ukuze kuthuthukiswe ukuqina nokunciphisa ukulahlekelwa kwezezimali. Lezi zixazululo zenzelwe ukuhlomisa ama-SME ngamathuluzi nokuqonda okudingekayo ukuze kuqashelwe, kulinganiswe futhi kuncishiswe ibungozi bezezimali, ngaleyo ndlela kuqiniswe ukuphathwa kwezezimali kanye nokuziphendulela. Abahloli bezimali, abatshalizimali kanye nabanikazi bama-SME bangasebenzisa i-CTIC kanye nohlobo oluhlongozwayo ukuze kuncishiswe izingozi zesayibha nezezezimali, ukuze kuqaliswe izinyathelo ezisebenzayo zokuvikela imali, ukulondoloza ubuqotho bokubalwa kwezimali kanye nokukhuthaza ukukhula okusimeme kulo lonke isifunda.
Ontwikkelende kuberveiligheidsbedreigings en gepaardgaande finansiële verliese in klein en mediumgrootte ondernemings (KMO’s) regoor Afrika se ses streeksgeografiese blokke (SGB’s), naamlik Oos-Afrika, Wes-Afrika, Noord-Afrika, Suider-Afrika, Sentraal-Afrika en die Diaspora, word in hierdie studie ondersoek. KMO’s (beide plaaslik en in die diaspora) dra aansienlik by tot indiensneming, innovering en plaaslike ekonomiese ontwikkeling deur oormakings, asook tot die algehele bruto binnelandse produk (BBP) van Afrika en sy SGB’s. Ondanks hul belangrikheid, kom KMO’s dikwels te staan voor strukturele kwesbaarhede in hul rekeningkundige en finansiële stelsels, wat hulle aan kuberbedreigings en gevolglike finansiële verliese blootstel. Baie KMO’s beskik nie oor die tegniese kennis, interne beheermaatreëls en finansiële intelligensie wat nodig is om hul digitale finansiële databasisse te beskerm nie.
Die toenemende digitalisering van KMO’s se finansiële bedrywighede – deur mobiele en aanlynbankplatforms, wolkgebaseerde rekenaars, rekeningkundige sagteware en geïntegreerde digitale betaalstelsels – het blootstelling aan kuberrisiko’s vererger. In hierdie studie word KMO-kuberveiligheidsrisiko duidelik binne die rekeningkundige dissipline geposisioneer, en verbind teoretiese raamwerke met empiriese waarnemings van openlike finansiële verliese. Kriminologieteorieë word ondersoek om die aard en tipologie van kuberoortreders en hul volgehoue herorganisasie te verstaan. Kuberveiligheidsraamwerke soos die National Institute of Standards and Technology (NIST) en ISO 27001, tesame met kuberrisikobestuursteorie (insluitend spelteorie), word op die tipologie toegepas as ’n proaktiewe maatreël teen ontluikende bedreigings van kubersindikate wat in sake-ekosisteme funksioneer.
Deur gevestigde kuberveiligheidsraamwerke toon die studie hoe finansiële intelligensie aangewend kan word om bedreigings vir finansiële bates te identifiseer, voorkom en verlig, terwyl regulatoriese nakoming steeds verseker word. ’n Kwalitatiewe gevallestudie-ontwerp is gevolg, deur ’n pragmatiese lens as riglyn te gebruik. Die metodologiese benadering het sekondêre data-insameling, deduktiewe redenering en letterlike sowel as teoretiese replisering ingesluit. Sekondêre data het breë vergelykende ontleding oor geopolitieke, ekonomiese en tegnologiese kontekste moontlik gemaak, en analitiese veralgemeenbaarheid versterk. Metodologiese strengheid is verseker deur sistematiese tematiese sintese, met Gioia se induktiewe koderinglogika en Eisenhardt se teorie-boubenadering as riglyne, ondanks die afwesigheid van direkte organisatoriese validering. Data-ontleding is uitgevoer met behulp van interaktiewe hulpmiddels (World Data, ENACT Organised Crime Index) en modelleringsagteware vir datavisualisering (PlantUML, Excel, HTMLMinifier, CSSNano).
Die bevindings dui daarop dat KMO’s beduidende finansiële verliese ervaar as gevolg van beide enkelvektor- en multivektorkuberaanvalle, wat fiatgeldeenheid, digitale bates en rekeningkundige rekords raak. Deur ’n deursnee-ontleding van die tydperke voor, tydens en ná COVID-19 is die mees algemene kuberaanvalle wat KMO’s se finansiële volhoubaarheid beïnvloed, geïdentifiseer. Indringerware, gyselware, verspreide weiering-van-diens (DDoS)-aanvalle, voorsieningskettingontwrigtings, kompromittering van besighede se e-posstelsels, en dataskendings het na vore gekom as algemene kuberbedreigings in KMO’s. Digitalisering, transnasionale kubermisdaad en toenemende oppervlak- en diep-webaktiwiteit het finansiële lekkasies in KMO’s vererger. Kuberrisiko’s en -aanvalle is verder uitgestippel, wat patrone van bedrieglike aktiwiteit, kuberindringing en operasionele ontwrigting asook ontwikkelende kubermafia-strukture aan die lig gebring het, wat KMO’s se kontantvloei en algehele finansiële stabiliteit en gevolglik ook streeks-BBP bedreig. Spelteorie word geïdentifiseer as ’n geskikte benadering tot kuberrisikobestuur. Dit is veral waardevol vir volhoubaarheid gegewe die ontwikkelende aard van kuberbedreigings en die voortdurende aanpassing van kubersindikate en hul tegnieke.
Hierdie studie lewer verskeie nuwe bydraes tot rekeningkundige wetenskappe en finansiële intelligensie. Eerstens stel dit ’n kuberveiligheidsverwante KMO-tipologie voor wat op tematiese ontleding gegrond is eerder as op suiwer tegniese klassifikasies, en oorbrug sodoende kriminologie-, bestuurs- en finansiële risikodissiplines. Tweedens stel dit ’n gestruktureerde nomenklatuur en ’n twaalfkategorie-kuberveiligheidstipologie bekend, wat kuberrisiko herkonseptualiseer as ’n strategiese bestuurs- en finansiële besluitnemingskwessie. Derdens operasionaliseer dit hierdie tipologie deur ’n selfontwerpte Cyber Typology Identification Checklist (CTIC), ’n diagnostiese hulpmiddel wat KMO’s in staat stel om risikoblootstellingprofiele op te stel, en ’n REALM-raamwerk wat kuberveiligheidsbeleggingsbesluite onderlê en besteding regverdig met behulp van spelteoretiese koste-voordeelredenering. Hierdie studie steun uitsluitlik op sekondêre data as ’n doelbewuste en teoreties geregverdigde metodologiese keuse. Die oorstreekomvang van die ses Afrika-SGB’s en die sensitiwiteit van kuberveiligheidsopenbaarmaking tussen KMO’s het die uitvoerbaarheid van primêredata-insameling beperk as gevolg van toegangsbeperkings en onderrapportering. Aanbevole maatreëls, gebaseer op die selfontwerpte Driepilaar-Kuberveiligheidsaanbevelingsmodel wat in die studie verskaf word, sluit interne beheermaatreëls in wat mensverwante, bestuurs- en tegniese aspekte (netwerkdomeine, wolkoplossings, hardeware, sagteware) omvat, wat in ’n kuberveiligheidsraamwerk geïntegreer is. Hierdie maatreëls herinner aan inligtingstegnologie-ouditbenaderings wat voorkomende, opsporende en regstellende beheermaatreëls integreer om die integriteit, betroubaarheid en veerkragtigheid van stelsels te verseker
Die studie verskaf ook beide gratis en ondernemingsoplossings (betaalde oplossings) wat KMO’s individueel of deur vennootskappe kan aanvaar, asook aanbevelings vir geharmoniseerde wetgewing oor die SGB’s heen om veerkragtigheid te verbeter en finansiële verliese te verminder. Hierdie oplossings is daarop gerigom KMO’s toe te rus met die nodige hulpmiddels en insigte om finansiële risiko te herken, kwantifiseer en verlig, en sodoende finansiële bestuur en aanspreeklikheid te versterk. Finansiële ouditeure, beleggers en KMO-eienaars kan die CTIC en die voorgestelde tipologie benut om kuber- en finansiële risiko’s te verminder, proaktiewe maatreëls te implementeer om kapitaal te beskerm, rekeningkundige integriteit te beskerm en volhoubare groei regoor die streek te bevorder.
