Unlike other types of crime, the majority of cybercrime incidents in Uganda and the East African Community go unreported, primarily due to the affected entities’ efforts to protect their reputations. Often, victims are financial institutions entrusted with safeguarding customer deposits. They are obliged to keep customer data safe. In 2022 and 2023, the reported annual costs of cybercrime, according to the Uganda Annual Police Report, were UGX 19,193,008,000 and UGX 1,165,850,696, respectively (see Figure 16). Figure 16: Cost of cybercrime in Uganda, Source: Annual reports of Uganda Police Force.  Over the years from 2016, the annual cost of cybercrime in…

In an age where one wrong decision can erode years of progress, Key Risk Indicators (KRIs) have become a powerful governance tool. Yet, most KRI dashboards in organizations today are incomplete, outdated, or too focused on technical metrics that fail to drive meaningful boardroom conversations. At Summit Consulting Limited, we believe the purpose of a KRI dashboard is not just to tick compliance boxes, but to connect risk directly to strategy and decision-making. That’s why we developed a Board-Calibrated KRI Register, a practical table designed to help leadership teams see risks clearly, act early, and lead with confidence. It is…

Boards do not hate auditors, but what they truly hate are surprises disguised as reports, issues that surface long after decisions have been made, risks have matured, and opportunities have been lost. In many organizations, audits are still perceived as backward-looking exercises focused on profiling compliance failures and pointing out what went wrong. This perception reduces the internal audit function to a reactive watchdog instead of positioning it as a strategic ally. To change this, audits must evolve. They must shift from merely highlighting historical gaps to providing forward-looking insights. Boards want to know not just what went wrong yesterday,…

As East Africa rapidly embraces digital transformation, the region is increasingly becoming a target for sophisticated cybercriminal networks. In particular, Uganda, Kenya, Tanzania, and Rwanda face growing cyber threats as businesses, government agencies, and service providers expand their digital footprints. This surge in digital adoption, while fueling innovation and economic growth, also expands the attack surface, exposing critical systems, applications, and data to serious risks. Cybersecurity is no longer a luxury; it is a strategic imperative. The cyber threat landscape in Uganda and the broader East African region is intensifying. Businesses are relying more on digital platforms to serve customers…

Course description: The Certified Fraud Examiner (CFE) Training Program equips participants with the essential skills to detect, deter, and prevent fraud in various industries across all sectors of an organization. By completing this comprehensive course, participants will gain an in-depth understanding of fraud investigation, ethical practices, legal frameworks, and the implementation of effective fraud prevention strategies. This certification not only boosts your career prospects but also enhances your marketability, job security, and earning potential. Upon completion, you will be prepared to confront fraud in both private and public sectors, develop professional investigative reports, and mentor others on the significance of…

Recently, I had a rare opportunity to engage with Church leaders from across the country at Uganda Martyrs University (UMU) during an on-campus leadership training. It was a room full of priests, nuns, and lay leaders, men and women deeply committed to mission, but also going through modern leadership challenges that Sunday sermons do not quite prepare one for. After the presentation, I received an email from one of the participants who said, “Mr. Strategy, why do some members avoid tough conversations?” A very good question. My response from my experience with public and private boards is not related in…