Cybersecurity has stopped being a big-company problem. Most attacks today are automated and indiscriminate — they scan the whole internet for a weak password, an unpatched system or a convincing way to trick a busy employee, and they do not care whether you are a bank in London or a 12-person business in Gaborone. If anything, smaller organisations are hit more often, precisely because they assume they are too small to be a target and skip the basics.
This pillar is our practical, no-jargon guidance on defending a Botswana or African business. It covers the threats that actually cause damage here — ransomware, phishing, account takeover, lost or stolen devices — and the controls that genuinely stop them, most of which cost little or nothing beyond the discipline to set them up and keep them running.
It also covers the part of security that is specific to operating here: the Botswana Data Protection Act, 2018 and what it expects of any business holding personal information, the reality of patchy connectivity and shared devices, and how to get enterprise-grade protection without an enterprise budget by combining good configuration, the right cloud services and a partner who watches things for you.
Our bias throughout is the same as everywhere on this site: practical, honest, and proportionate. We will tell you which few controls deliver the overwhelming majority of the protection, and we will not try to frighten you into buying things you do not need. Start with the articles below, and if you would like an assessment of where your business actually stands, that is exactly what our security and compliance service is for.