CEO Letter - September 2025

As we step into the final quarter of 2025, it’s clear that Africa is not just participating in the global digital economy - we’re reshaping it on our own terms. At Deimos, we’ve spent the year working alongside pioneering organisations across the continent, and we’re seeing the trends up close: infrastructure is maturing, multi-cloud strategies are becoming standard, and data sovereignty is no longer optional - it’s the baseline.

This month, we’ve published a detailed look at the cybersecurity trends shaping Africa in 2025. I encourage you to read it, because it captures something essential: that progress brings exposure. Every innovation - whether it’s AI-driven analytics or low-code mobile platforms - introduces new attack surfaces and compliance demands. Allow me to share a few reflections from what we’re seeing on the ground:

Infrastructure went regional, but security hasn't kept pace.

Shared Digital Infrastructure (SDI) initiatives are accelerating across West and East Africa, which is a powerful step forward. Yet too often, security practices, interoperability standards, and visibility across regional nodes lag behind. At Deimos, we’re working with organisations across the continent to close this gap - assessing cloud foundations, strengthening data protections, and ensuring that regional collaboration doesn’t mean regional exposure.

Multi-cloud is here - but so is complexity.

More clients are shifting to multi-cloud for resilience, cost control, and compliance. But that shift creates a new challenge: fragmented security configurations. At Deimos, we’ve been focusing on helping teams unify control through secure-by-default infrastructure patterns and automated governance.

Regulators are enforcing, not just advising.

From Nigeria to Kenya, regulators are issuing fines and setting real consequences for weak compliance. For our clients, compliance is no longer a checklist but an ongoing capability. We embed regular assessments, remediation, and continuous governance into their development lifecycles. Security isn’t a checklist - it’s a capability.

Startups are thriving - but exposed.

We’re energised by the wave of digital inclusion and entrepreneurship in emerging markets. But many SMEs still lack foundational security practices. This is where we’ve stepped in - delivering DevSecOps support, cloud-native enablement, and secure build pipelines to help these teams scale safely.

AI is operational - and exposed.

Businesses are deploying AI models to drive insights and automation, often with little understanding of the associated security implications. From model poisoning to inference attacks, the risks are real. We're integrating AI threat detection and pipeline auditing into our security frameworks to ensure AI accelerates value, not risk.

At Deimos, we believe that security is an enabler - not a blocker. It empowers agility. It earns customer trust. And most importantly, it protects the very innovations that will define Africa’s digital future.

If your organisation is navigating any of these challenges - or preparing for what’s next - we’re here to help. Our focus remains on building secure, compliant, and resilient systems that are fit for scale.

Let’s continue to shape this moment together.

Warm regards,

Andrew Mori

CEO, Deimos