Uganda on Tuesday launched the 2025 Cybersecurity Awareness Month with calls for stronger partnerships, increased investment, and greater public awareness to counter the rising tide of digital threats facing the country.
The event, spearheaded by Milima Security in partnership with MTN Uganda, MTN MoMo, and other stakeholders, highlighted both progress and persistent gaps in the fight against cybercrime.
Now in its sixth year, the annual campaign runs throughout October under the global theme “Securing the Future: The Rise of AI.” The focus reflects growing concerns about how artificial intelligence (AI), while offering powerful defensive tools, is also enabling hackers to craft more sophisticated attacks.
Milima Security Chief Executive Officer Emmanuel Chagara told the gathering of policymakers, industry players, and journalists that Uganda cannot afford complacency.
“Over the past year we have seen a significant rise in cybercrime and digital fraud, particularly targeting the financial sector and digitally enabled businesses,” he said.
Chagara revealed that Uganda registered losses of 72 billion shillings to cyber threats in 2024, according to the police annual cybercrime report. He pointed to deepfake technology, voice cloning, phishing scams, and mobile money fraud as fast-growing risks.
“A hacker could now call you with a fake voice and trick you into sending money. These are not just futuristic threats—they are already here,” he warned.
While Uganda has made progress, including the 2022 National Cybersecurity Strategy and the 2023 National Digital Transformation Strategy, Chagara cautioned that readiness remains uneven, particularly among small and medium enterprises (SMEs).
“Forty percent of SMEs experienced some form of cyberattack last year. Many think cybersecurity is a problem for big banks or telecoms, but in reality 45 percent of attacks target small businesses,” he said.
With internet penetration at 48 percent of the population—about 23 million users—the country’s expanding digital footprint makes it an attractive target for cybercriminals. Chagara stressed that both government and private institutions must invest more deliberately in cyber defense.
“We cannot defend against 2025 threats with 2010 technologies. We must upgrade systems, train staff, and strengthen internal defenses,” he noted, adding that insider-enabled threats from disgruntled employees remain a major blind spot.
The CEO also cautioned that the upcoming political season could worsen risks. Increased online activity around campaigns, combined with emotionally charged citizens, presents fertile ground for fraudsters.
“We should expect fake fundraising campaigns in the names of political candidates, deepfake videos, and more mobile money fraud. Awareness and vigilance are our best weapons,” he emphasized.
Chagara, however, pointed to success stories. Public awareness has improved, legal frameworks such as the Computer Misuse Act and Data Protection Act are in place, and Uganda remains engaged in global cybersecurity platforms. Initiatives like Milima’s Cybersecurity Academy and penetration testing services are also helping businesses build resilience.
Representing the private sector, Echo Uganda CEO Terrence Alinde emphasized the need for knowledge and capacity-building. His firm, an internet service provider now focused on managed services, is witnessing new challenges as businesses shift to cloud-based platforms.
“The internet is no longer just a product; it is a platform. With that comes the need for cloud security, managed IT services, and skilled professionals who can anticipate threats,” Alinde said.
He noted that many organizations lack the expertise to manage cybersecurity in-house, which leaves them vulnerable.
“We are seeing enterprises that don’t have the resources to manage their IT, and this creates big gaps. That’s why managed security services and public-private collaboration are critical,” he explained.
Both leaders agreed that bridging the knowledge gap is as important as deploying technology.
“Cybersecurity is not just about firewalls and encryption. It is about awareness, education, and a culture of vigilance. The more we train people to recognize phishing scams or fraudulent fundraising campaigns, the safer we all become,” Alinde said.
This year’s campaign will feature regionally hosted events in Lira, Mbale, and Mbarara, before climaxing with the EastCon Cybersecurity Symposium on October 27–28 at the National ICT Innovation Hub in Nakawa. Weekly themes will cover AI risks, digital fraud, and policy frameworks, with a focus on training both business communities and students.
As the month unfolds, cybersecurity leaders say the responsibility lies with everyone—from government and big corporations to SMEs and individual users. “Hackers are not only outsiders. Sometimes they are insiders—disgruntled employees within organizations. That’s why designing secure systems and educating staff is critical,” Chagara concluded.
Uganda’s message this October is clear: while digital transformation is inevitable, securing it is a shared duty