← Writing

Threat Intelligence for African SMEs — A Different Problem

14 September 2024·1 min read
[Security][Africa][Strategy]

Threat Intelligence for African SMEs — A Different Problem

Most threat intelligence is built in and for the West. The IOC feeds, the malware databases, the phishing kits in the signature libraries — they're calibrated to the attack patterns most common in US, UK, and European enterprise environments.

That's useful context. It's not sufficient protection for an SME operating in Lagos or Abuja, where the threat landscape has meaningful differences: mobile-first attack surfaces, M-Pesa and bank transfer fraud patterns that don't match SWIFT wire fraud, and social engineering approaches adapted to local trust hierarchies.

Building the Visual Threat Intelligence Hub pushed me to think seriously about what threat data is actually relevant in this context, and how you communicate risk to non-technical SME operators who have neither the time nor background for a full SOC briefing. Full post in progress.