According to a research by MarketsandMarkets, the agentic AI security market is projected to grow from USD 1.65 billion in 2026 to USD 13.52 billion by 2032, at a CAGR of 42.0% during the forecast period.

The report indicates that attackers are increasingly exploiting vulnerabilities in datasets, models, and runtime processes through data poisoning, model manipulation, and inference attacks.

As enterprises rely more on AI-driven decisions, securing these environments becomes critical to ensure accuracy, integrity, and resilience.

Key Players in Agentic AI Security Market

1. Microsoft(US),
2. Palo Alto Networks(US),
3. CrowdStrike(US),
4. Straiker, SentinelOne (US),
5. Okta (US),
6. Cloudflare (US),
7. Cato Networks (Israel),
8. Check Point Software Technologies (Israel),
9. Securiti (US),
10. HiddenLayer (US),
11. Noma Security (Israel),
12. Obsidian Security (US),
13. Mindgard (UK),
14. DeepKeep (Israel),
15. Enkrypt AI (US),
16. Pillar Security (US),
17. Astrix Security (Israel),
18. Natoma (US)

By organization size, the SMEs segment is expected to register the highest CAGR during the forecast period.

SMEs are expected to witness the fastest growth in the agentic AI security market as they increasingly adopt AI-driven tools and autonomous systems to improve operational efficiency and decision-making.

Unlike large enterprises, SMEs are often moving directly toward AI-native applications, including agent-based automation across customer service, marketing, and operations.

This rapid adoption is exposing them to new security risks, including unauthorized agent actions, data leakage, and vulnerabilities in AI models.

At the same time, SMEs typically have limited in-house cybersecurity expertise and resources, making them more reliant on external solutions.

This is driving strong demand for managed security services, AI-native security platforms, and easy-to-deploy tools that can provide protection without requiring deep technical expertise.

As awareness of AI-related risks continues to grow and more SMEs integrate autonomous systems into their workflows, their spending on agentic AI security is expected to increase at a faster pace compared to large enterprises, making this segment the fastest-growing in the market.

By deployment mode, the infrastructure layer segment is estimated to lead the market during the forecast period.

The infrastructure layer segment is expected to hold the largest share of the agentic AI security market, as it represents the foundational environment in which AI models, agents, and applications are developed, deployed, and executed.

Enterprises continue to rely heavily on cloud platforms, data centers, and high-performance computing environments to run agentic AI systems at scale. As a result, securing this layer becomes a priority, since any vulnerability at the infrastructure level can impact the entire AI stack.

Organizations are investing in securing compute resources, containerized environments, and cloud-native architectures to ensure safe deployment of AI workloads.

Additionally, the growing adoption of hybrid and multi-cloud environments further increases the need for consistent infrastructure-level security controls.

This includes runtime protection, workload isolation, and continuous monitoring of infrastructure behavior.

Since all higher layers, including models and agents, depend on this foundation, spending at the infrastructure level remains significant, making it the largest segment in the market.

By region, the Asia Pacific is expected to register the highest CAGR during the forecast period.

Asia Pacific is emerging as a high-growth region in the agentic AI security market, driven by the rapid adoption of AI technologies and increasing exposure to AI-enabled cyber threats.

According to IBM, Asia Pacific recorded the highest average cost of data breaches in several countries, reflecting growing security challenges in digital environments.

AI-driven attacks are also rising across the region, particularly in sectors such as BFSI, telecom, and manufacturing, where automation and AI adoption are accelerating.

According to Check Point Software Technologies, organizations in Asia experience a high volume of weekly cyberattacks, many of which are increasingly leveraging AI-based techniques.

The data places Nigeria at the centre of a continental problem. While Africa’s digital economy is expanding speedily, security readiness is struggling to keep pace. 

Across the continent, organisations recorded an average of 3,153 cyberattacks per week, compared with 1,963 globally, putting Africa among the most targeted regions in the world.

In Nigeria, the financial sector is the main target. Banks, payment platforms, and fintech firms continue to face heavy pressure from phishing, business email compromise, and credential theft. 

Telecoms, energy, and healthcare operators are also seeing growing exposure as cloud services, mobile platforms, and connected devices are rolled out faster than security controls can mature.

The unique part is not just volume, but method. Across Africa, 77% of organisations were affected by information disclosure incidents, meaning sensitive data was exposed through misconfigurations, weak access controls, or unsecured systems. 

Email is the most effective entry point, responsible for 80% of malicious file delivery, showing that basic weaknesses are still being exploited at scale.

Ransomware has also changed shape. The report shows that 41% of major incidents in Africa now involve data-leak extortion, where attackers steal information and threaten public exposure rather than relying solely on system encryption. 

This approach increases reputational damage and regulatory risk, even when core operations remain running.

In Nigeria, identity theft, stolen session tokens, and API abuse are now more common than traditional malware attacks. In simple terms, attackers are logging in using valid credentials instead of forcing their way through defences.

Beyond Nigeria, several African countries are facing high pressure when it comes to cyberattacks. Kenya recorded 3,758 attacks per organisation each week, while South Africa, Morocco, and other markets continue to see heavy targeting of government services, education systems, and telecom infrastructure.

The operational cost of these attacks is rising. African organisations take an average of 18 days to detect and contain a breach, six days longer than the global average. The report links this delay to skills shortages, fragmented tools, and limited incident response capacity across many sectors.

High-profile incidents in 2025 underline the risk. Data exposure at Seychelles Commercial Bank, service disruption at South African Airways, and unauthorised access to customer data at MTN South Africa all followed a similar pattern: customer-facing systems were targeted, investigations were triggered, and trust became the real casualty.

Regulation is now increasing the pressure. With Europe enforcing stricter cybersecurity regulations under the NIS2 directive, African companies that trade with EU partners are expected to prove strong cyber controls as a condition for market access. Security, the report notes, has become a commercial requirement, not a back-office concern.

From Nigeria to the rest of the continent, Africa’s digital growth is speeding up, but attackers are moving just as fast. 

Cybersecurity in Africa has gone beyond preparing for future risks. The threat is already here, and for countries like Nigeria, the cost of inaction is becoming impossible to ignore.

Theiss, who has built his career leading marketing operations in technology and enterprise software, steps into the role with over 20 years of experience.

His mandate at Check Point is to lead global marketing efforts, boost demand generation, and position the company for continued leadership in cybersecurity.

Announcing the appointment, Check Point’s Chief Executive Officer, Nadav Zafrir, said: “Brett’s track record of building global brands and delivering measurable growth makes him an outstanding addition to our leadership team. As organisations navigate the complexities of AI, cloud, and hybrid work, Brett’s leadership will ensure Check Point’s story is told with clarity, impact, and vision.”

Before joining Check Point, Brett Theiss was Chief Marketing Officer at BeyondTrust and Anaplan, where he led innovations that translated into effective business expansion. 

He has also held senior positions at Xactly, Lumen Technologies, and AT&T, building a reputation for aligning marketing with both business outcomes and customer expectations.

In his own words, Theiss noted his commitment to the company’s mission: “Check Point is at the forefront of protecting enterprises against the most advanced cyber threats, with a powerful story to tell. I am thrilled to join this world-class team to further elevate the brand, deepen customer engagement, and help accelerate the company’s next phase of growth.”

Theiss holds a Bachelor’s degree in Business Administration from Millsaps College and a Master of Law from Texas A&M University. He is recognised in the industry for building high-performing teams and establishing marketing strategies that deliver long-term impact.

This is the view of Lionel Dartnall, SADC Country Manager of Check Point Software Technologies, a pioneer and global leader of cyber security solutions.

“Digital transformation is reshaping the manufacturing landscape, bringing both new opportunities and significant risks. As manufacturing operations increasingly rely on interconnected systems, cybersecurity has become a critical concern,” he says. 

From ransomware to supply chain vulnerabilities, African manufacturers face cyber threats that not only jeopardise their financial stability but also disrupt global operations.

Fortunately, by adopting a multi-layered approach to cybersecurity manufacturers can not only defend against attacks but also improve operational efficiency. 

Impact of manufacturing sector in Africa

Manufacturing plays a huge role in many African economies, contributing significantly to GDP, employment, and industrial development. However, as the sector adopts more digital technologies, the risk of cyberattacks is escalating, impacting not just African manufacturers themselves but the broader economy.

According to the World Economic Forum, manufacturing accounts for about 10% of Africa’s total GDP on average. In 2023, Africa’s manufacturing output was valued at $500 billion, with key sectors such as food processing, textiles, and consumer electronics experiencing significant growth. 

Manufacturing in South Africa alone contributes close to 13% to the GDP, about $29 billion, according to PWC’s  2024 Manufacturing Analysis. Ethiopia, Kenya, and Morocco have also seen growth in their manufacturing sectors, with notable advancements in textiles, automotive, and consumer goods production. 

1.     Job Creation

The manufacturing sector is also a major source of employment across the continent. According to the 2024 South African Reserve Bank Occasional Bulletin of Economic Notes,  it accounts for about 12% of formal sector jobs in the country, with Nigeria also relying on manufacturing for significant employment, particularly in agro-processing and cement industries. Across the continent, manufacturing provides critical income and skill development opportunities, especially in industrial hubs like Lagos, Nairobi, and Johannesburg.

2.     Investment and Infrastructure

In response to increasing demand, several African nations are investing heavily in manufacturing infrastructure. New industrial parks and special economic zones (SEZs) in countries like Ethiopia, Egypt, and Rwanda are attracting foreign direct investment (FDI) and driving sector growth. As a result, Africa is positioning itself as an increasingly attractive destination for global manufacturing investments.

Rising Cybersecurity Threats to the Manufacturing Sector

As the sector has grown in significance, so the cybersecurity threat landscape has become more complex and perilous. Check Point Software’s  The State of Global Cyber Security 2025 Report revealed a 44% increase in global cyber attacks in 2024, signaling that threats are rapidly evolving, with the manufacturing sector being a prime target. 

In the third quarter of 2024 alone, manufacturing globally saw a 75% increase in cyber-attacks compared to the previous year, with organisations experiencing an average of 1,876 attacks each.  This is  a 15% rise from the previous quarter.

Cybersecurity Risks in Africa’s Manufacturing Sector

Despite its importance, African manufacturing sector faces significant cybersecurity challenges. The increasing digitalisation of manufacturing processes, combined with the integration of IT and OT, has exponentially raised the risk of cyberattacks. This is becoming a systemic issue with the potential to destabilise entire economies.

“Manufacturers face unique vulnerabilities due to their reliance on outdated legacy systems that are hard to patch and the growing integration of operational technology (OT) and information technology (IT),” Dartnall says.

• Internet of Things

Additionally, the increasing use of Internet of Things (IoT) devices in Africa’s manufacturing facilities creates further vulnerabilities, enabling attackers to exploit weaknesses in factory networks.

• Ransomware

Manufacturers are particularly vulnerable to ransomware because attackers know that shutting down production can result in severe financial damage. These threats are no longer hypothetical: According to the Waterfall Security Solutions’ 2024 Threat Report , in 2023, 68 cyber-attacks in Africa’s manufacturing sector led to substantial operational disruptions, causing  physical damage across over 500 manufacturing sites, leading to production shutdowns and logistical delays. 

• Supply Chain Risks

Africa’s manufacturing supply chains are often intricate, involving numerous suppliers, contractors, and logistics providers, all of which can serve as entry points for cybercriminals. The rise of cloud services in manufacturing has also introduced risks related to misconfigured cloud settings, data breaches, and attacks targeting third-party services.

Economic Impact of Cybersecurity Breaches

The economic consequences of cybersecurity breaches in Africa’s manufacturing sector are profound. Cyberattacks not only lead to financial losses but also damage reputations, erode investor confidence, and disrupt national economies.

1.     Losses and Operational Disruptions

Cyberattacks that disrupt operations lead to substantial financial losses, including the cost of system recovery, production downtime, and data restoration. In 2023, the cost of cybercrime in Africa was estimated at $4.1 billion annually, with a significant portion attributed to manufacturing disruptions.

2.     Impact on GDP and Job Losses

In countries like South Africa, where manufacturing is a key driver of the economy, cyberattacks can significantly impact GDP. In 2024, cybercrime was estimated to cost South Africa nearly 1% of its GDP, according to Check Point’s 2024 African Perspectives on Cybersecurity Report. 

Furthermore, production shutdowns resulting from cyberattacks can lead to widespread job losses, especially in sectors like manufacturing where smooth operations are critical for employment.

Enhancing Cybersecurity While Improving Operational Efficiency

To mitigate these risks, African manufacturers must adopt a multi-layered cybersecurity approach that not only defends against attacks but also improves operational efficiency. One such solution is Secure Access Service Edge (SASE), which integrates networking and security into a unified system, helping manufacturers safeguard their networks while boosting productivity and minimizing downtime.

• Use Case 1: Operational Transformation

Take the case, for example, of an African manufacturer facing increased competition and pressure to reduce operational costs. After an internal audit, the company identified significant inefficiencies, including machine idle time, poor connectivity, and excessive IT tickets related to connectivity and security issues.

By implementing a SASE solution such as Check Point’s Harmony SASE, the manufacturer was able to address these challenges. The improved network performance resulted in faster access to cloud resources, eliminating bottlenecks and reducing downtime.

As a result, it saw a 23% improvement in on-time delivery rates and reduced machine idle time below industry benchmarks. In addition to enhanced security, the company saved money by retiring costly MPLS systems that were previously used to connect production facilities and warehouses.

• Use Case 2: Securing a Complex Supply Chain

Another example comes from African manufacturers with a highly complex supply chain, spanning multiple suppliers, remote employees, and third-party contractors. With so many entry points, the security team was concerned about breaches, particularly of the company’s research and development systems. 

After adopting a SASE solution such as Check Point Harmony SASE, the company strengthened its security posture by implementing a Zero Trust model that restricted supplier access to only necessary areas of the network. 

This approach segmented the network and reduced lateral movement, protecting sensitive systems. The results were significant: the company saw a 30% reduction in security alerts and successfully thwarted several unauthorised access attempts. Moreover, by improving security across the supply chain, the company enhanced its overall risk management.

The frequency and sophistication of cyber-attacks on the manufacturing sector are escalating, underscoring the urgent need for comprehensive cybersecurity solutions. 

“Manufacturers must view cyber security as a strategic tool that enhances both security and operational efficiency. By embracing technologies like SASE, manufacturers can protect against cyber threats while driving productivity, reducing costs, and gaining a competitive edge in the global marketplace,” Dartnall concludes.

In today’s digital manufacturing era, strong cybersecurity is not just an option—it is essential for long-term success.

This is according to Check Point Software Technologies’ January 2025 Global Threat Index, which reveals that FakeUpdates malware is at the top of cybercrime, enabling large-scale ransomware attacks across the continent.

FakeUpdates is a downloader malware that cybercriminals use to launch ransomware attacks. First detected in 2018, FakeUpdates typically infiltrates systems through deceptive browser update prompts on compromised websites.

Ethiopia Leads as Most Attacked

Ethiopia ranks first globally with a 100% Normalised Risk Index, making it the most targeted nation out of 109 surveyed. Zimbabwe, Angola, and Uganda follow, securing positions within the top 10. Nigeria, which was ranked 13th in the previous report, has moved up to 11th place with an increased risk index of 62.7.

The rankings for other African countries in the top 20 are:

• Zimbabwe – 5th place (77.7)
• Angola – 9th place (66.1)
• Uganda – 10th place (64.5)
• Nigeria – 11th place (62.7)
• Kenya – 14th place (59.4)
• Ghana – 16th place (58.9)
• Mozambique – 17th place (57.9)

South Africa, which previously ranked higher, has dropped three spots to 66th place, while Egypt ranks 97th, making it the least attacked country in Africa.

How FakeUpdates Malware Fuels Cyber Threats

Security experts have traced several ransomware attacks back to FakeUpdates, which continues to be a favoured tool among cybercriminals. A recent investigation found that an affiliate of the ransomware group RansomHub used a Python-based backdoor to maintain access and deploy ransomware. 

This technique, coupled with lateral movement via Remote Desktop Protocol (RDP), allowed attackers to establish prolonged access through scheduled tasks.

Maya Horowitz, VP of Research at Check Point Software, stated: “AI is transforming the cyber threat landscape, with cybercriminals rapidly evolving their methods, leveraging AI to automate and scale their tactics and enhance their capabilities. To effectively combat these threats, organizations must move beyond traditional defences and adopt proactive, adaptive AI-powered security measures that anticipate emerging risks.”

Other Malware Threats on the Rise

Beyond FakeUpdates, the report identified other highly active malware families:

• Formbook – An infostealer malware that extracts credentials, logs keystrokes, and downloads additional malicious files.
• Remcos – A Remote Access Trojan (RAT) that exploits Windows vulnerabilities to bypass security restrictions.

For mobile devices, the most active threats include:

• Anubis – A banking trojan capable of bypassing multi-factor authentication and recording keystrokes.
• AhMyth – A remote access trojan that disguises itself as a legitimate app to steal sensitive information.
• Necro – An Android malware that downloads and executes malicious components.

Most Targeted Sectors and Ransomware Groups

According to the report, the education, government, and telecommunications sectors are the most attacked industries globally. Among ransomware groups, Clop was identified as the most active, responsible for 10% of known attacks. It was followed by FunkSec (8%) and RansomHub (7%).

The findings highlight the growing cybersecurity risks faced by African nations, reinforcing the need for stronger digital defences against evolving threats.

Data from Zippia confirms this imbalance. While women make up 48% of the global workforce, they represent only 24% of the cybersecurity workforce. 

The difference is even more pronounced in leadership, where just 16% of cybersecurity industry vice presidents, on average, are women.

“This disparity isn’t just a pipeline problem—it’s also a perception problem. Girls and young women often don’t see cyber security as an accessible career path due to a lack of representation, industry stereotypes, and systemic barriers,” says Lorna Hardie, regional director: Africa, Check Point Software Technologies. 

But breaking into cybersecurity isn’t just about numbers; the need to reshape the future of digital defence with diverse perspectives, innovative problem-solving, and inclusive leadership, is highly important.

Cybersecurity Talent Shortage: A Missed Opportunity

The cyber security industry faces a critical talent shortage, with an estimated 4 million unfilled cyber security jobs worldwide according to a recent World Economic Forum report. 

The same study found that in Africa, there were only an estimated 20,000 certified cybersecurity professionals on a continent of over 1.2 billion people.

“Cybersecurity is an ultra-dynamic field where creativity and innovation are crucial. Fresh perspectives are essential to staying ahead of cyber adversaries. By attracting more women to cybersecurity, we not only address the talent gap but also enhance problem-solving and security outcomes,” Hardie says.

The Women Defending the Digital Frontlines

Despite the challenges, many women have risen to leadership positions in cybersecurity, proving that they are just as capable—if not more so—than their male counterparts.

“At Check Point, for example, women hold 44% of top leadership positions, overseeing 78% of employees. This is a testament to the company’s commitment to mentorship, leadership programs, and inclusive hiring,” she adds. “Cyber security needs more female leaders to drive innovation and stronger business outcomes.”

“Closing the gender gap in cybersecurity is not just a matter of equality. We need to ensure cyber security careers are accessible and attractive to women. This includes education, professional development, inclusive recruitment measures, and mentorship programs.”

Cybersecurity Needs More Women—But Where Are They?

If cyber security desperately needs talent, and women are proving their ability to lead, why aren’t more women entering the field? The barriers are deep-rooted and multifaceted.

1. Lack of Early Exposure & STEM Education Gaps

Despite progress, women remain a minority in STEM fields like computer science, engineering, and IT. A UNESCO science report “To be Smart, the Digital Revolution will need to be Inclusive” found that even though women make up 44% of PhD holders, only 33% of them stay in research roles.

To combat this, Check Point has launched several initiatives to introduce young girls to cyber security early, including:

• SecureAcademy Program – Integrating cyber security into university curricula.
• Graduate & Mentorship Programs – Offering training, networking, and career development for young women entering the field.

2. Perception & Confidence Barriers

Many young women still do not see cybersecurity as a viable career path. The industry’s hacker culture and male-dominated image can be intimidating, deterring women before they even start.

Hardie points out, “You can’t be what you can’t see. Seeing women succeed in cyber security sets a powerful example for the next generation.”

3. Career Progression Challenges

Even when women enter cyber security, they face challenges moving up the ranks. Women are less likely to be promoted to senior positions, despite being equally productive. Studies show that:

• Women receive 25% less research funding than men according to a recent UNESCO science report “To be Smart, the Digital Revolution will need to be Inclusive”.
• According to the UNESCO report, in New Zealand, for example, a man’s odds of being ranked professor were more than double that of a woman with similar qualifications.

This is why mentorship, sponsorship, and leadership training programs are critical to helping women advance in cyber security.

Building the Future: How to Get More Women into Cybersecurity

1. Industry Support & Inclusive Hiring

Companies need to go beyond hiring quotas and create genuine opportunities for women to thrive. At Check Point, 41% of new hires in the EMEA region are women, a step toward balancing representation.

2. Stronger Mentorship & Leadership Development

• Check Point’s FIRE (Females in Roles Everywhere) initiative is dedicated to fostering a strong network of women in cybersecurity.
• Formal mentoring programs help women navigate career challenges, gain confidence, and access leadership roles.

3. Changing the Narrative

Cybersecurity isn’t just about hacking and coding—it’s about problem-solving, risk management, and protecting digital communities. Encouraging women to explore diverse roles in cybersecurity, from AI-driven security to cyber law, can expand interest and participation.

A Call to Action

As we celebrate International Day of Women & Girls in Science, it’s clear that cybersecurity needs more women—not just to close the talent gap, but to create stronger, smarter, and more inclusive digital defences.

• If you’re a woman considering a career in cybersecurity, seek out training programs, mentorships, and networking opportunities.
• If you’re a cybersecurity professional, advocate for more inclusive hiring and leadership opportunities.
• If you’re a business leader, invest in diversity programs—because a more inclusive cybersecurity industry is a stronger one.

“The future of cybersecurity depends on breaking both (fire)walls and glass ceilings. We can each do much more to ensure the next generation of cyber defenders sees women leading the way,” Hardie concludes.

The report revealed that eight African countries were ranked among the top 20 most attacked nations worldwide, with Nigeria placing 13th.

Ethiopia led the African rankings, topping the global list with a Normalised Risk Index of 98.2%, while Uganda, Angola, and Ghana secured the 8th, 9th, and 11th spots, respectively. 

Nigeria followed closely with a Normalised Risk Index of 62.3%. Other African countries on the list included Kenya (17th), Mozambique (18th), and Côte d’Ivoire (20th).

The African continent is being targeted for its growth in digital technology leverage, with cybercriminals using sophisticated tactics like artificial intelligence (AI)-driven ransomware.

One of the major groups in December was FunkSec, a new ransomware-as-a-service (RaaS) group responsible for 14% of all reported ransomware attacks that month. 

FunkSec’s growth has been linked to its AI-powered double-extortion techniques, where stolen data is both encrypted and held for ransom. Although many of FunkSec’s victim reports were questioned for authenticity, the group’s rise poses a huge threat to global cybersecurity.

In addition to FunkSec, other malware families such as FakeUpdates and AgentTesla were also disturbing threats in December. FakeUpdates impacted 5% of organisations globally, while AgentTesla used keylogging and credential theft to target 3% of businesses.

Mobile devices were not spared, with banking Trojans like Anubis and Necro exploiting vulnerabilities to steal credentials and install malicious software.

The growing sophistication of cyberattacks reiterates the need for enhanced cybersecurity measures. Maya Horowitz, vice president of Research at Check Point, emphasised that organisations must stay ahead of these threats by adopting advanced security tools to defend against AI-powered ransomware and other emerging risks.

Cybercriminals are targeting high-value systems and using sophisticated encryption methods to extort businesses. 

Hence, organisations must focus on building stronger defences against ransomware groups, including RansomHub and LeakeData, as mentioned in the global threat index report, strengthening their security strategies to mitigate the risks caused by these evolving threats.