Dear IT Guardian,

A new year offers a natural moment to pause, reflect, and reset. For many organisations and individuals, that reset includes clearer goals, renewed focus, and better systems. In an increasingly digital world, however, one area that can no longer be left on autopilot is cybersecurity. Starting the year on the right track means more than setting new business goals; for businesses, it also means taking cybersecurity seriously. The lessons from last year were consistent across borders: cyber threats are growing, evolving, and affecting everyone, regardless of geography or size.

Across 2025, cybercrime continued to rise globally, with economic losses estimated in the trillions of dollars. Phishing, ransomware, credential theft, and malware remained the most common attack methods, and no region was immune. In the United States and the United Kingdom, reports showed that a significant percentage of businesses experienced at least one cyber incident within a 12-month period, with small and medium-sized organisations increasingly targeted due to weaker controls and limited security resources. Data breaches in both countries remained costly, often taking months to detect and even longer to fully recover from.

In Africa, the picture mirrored many of these global trends. Nigeria, Ghana, and Namibia all recorded notable increases in attempted cyberattacks, particularly those involving phishing, password theft, and financial fraud. Millions of malicious attempts were blocked across the continent, but rising internet penetration, mobile banking, and digital public services also expanded the attack surface. In several African countries, reports showed that thousands of attacks were attempted against organisations every week, highlighting that cybercriminals are actively scanning for opportunities wherever digital growth is happening.

One consistent theme across regions was the role of identity compromise. Whether in North America, Europe, or Africa, stolen credentials were among the leading causes of successful breaches. Weak passwords, reused credentials, and lack of multi-factor authentication made it easier for attackers to “log in” rather than break through technical defences. Human error also continued to play a significant role, with the majority of breaches involving some form of social engineering, misconfiguration, or accidental exposure of data.

Another defining trend from last year was the increasing sophistication of attacks. Cybercriminals are no longer relying solely on crude tactics. Artificial intelligence is now being used to generate convincing phishing messages, mimic trusted brands or colleagues, and automate attacks at scale. This shift has made it harder for individuals and organisations to rely on instinct alone to identify threats, reinforcing the need for structured security controls and ongoing awareness.

As the new year unfolds, the direction of travel is clear. Traditional perimeter-based security models are becoming less effective in a world of remote work, cloud platforms, and third-party integrations. Identity has become the new perimeter, and security strategies are increasingly built around continuous verification rather than assumed trust. Regulatory pressure is also growing across regions, from stricter data protection enforcement in the UK and US to expanding cybersecurity frameworks across African markets.

Starting the year on the right track with cybersecurity doesn’t require dramatic overhauls, but it does require consistency and intention. Organisations that invest in regular training reduce the likelihood of successful phishing attacks. Those that strengthen access controls and deploy multi-factor authentication dramatically limit the impact of stolen credentials. Clear incident response plans, reliable backups, and tested recovery processes help ensure that when incidents do occur, disruption is contained rather than catastrophic.

Cybersecurity is no longer a regional issue or a technical afterthought. It is a shared, global challenge that touches businesses, governments, and individuals alike. By learning from last year’s trends, across countries, industries, and systems, and by taking practical, proactive steps this year, organisations can move forward with greater resilience and confidence.

Starting strong today may be one of the most valuable decisions you make all year.