Four trends paving the way for the future of cybersecurity in South Africa

Issue 4 2023 Information Security


Colin Erasmus.

It was around three and a half decades ago that the world experienced its first major security attack. The Morris Worm shut down 10% of the internet in just 24 hours, sending unsuspecting businesses into a tailspin. And so it was, that the very first Computer Emergency Response Team was born, marking an important milestone in modern cybersecurity.

Looking back, it’s fascinating to see how far incident response has come – especially as we stand on the cusp of another tidal shift in the tech landscape. With the revolutionary capabilities of AI in the spotlight, the future of cybersecurity is a key topic of conversation, especially for businesses in South Africa who have proven to be vulnerable to attack.

As a new era in cybersecurity unfolds, these four key trends will help shape the security discourse.

Ransomware is becoming more sophisticated

While Africa – and South Africa – have always been a prime target for malware and ransomware attacks, these occurrences are increasing in number and sophistication. In fact, Interpol’s Africa Cyberthreat Assessment report found that South Africa leads the continent in the number of cybersecurity threats identified, and that it also has the highest targeted ransomware and business email compromise (BEC) attempts.

Recent Microsoft-IDC research on enterprise security trends shows that the growing number of ransomware attacks is among the top three security priorities for South African organisations, with 45% identifying protection against harmful ransomware and malware attacks as a key focus area.

Moving forward, hackers will continue to use these tried-and-tested techniques, but will also make use of AI to enhance the speed and accuracy of attacks.

Smarter workplaces provide hackers with new entry ways to networks

Over the past few years, South African organisations have made significant changes to their cybersecurity strategies to accommodate the growing number of remote users that need access to mission critical data and applications. The Microsoft-IDC research reveals that organisations are placing the bulk of their focus on endpoint security and access management solutions, with 65% already invested in endpoint protection solutions and 61% in access management.

But while IT teams have been preoccupied by remote work, largely perceiving ransomware as an IT-focused threat, these attacks have become more prevalent in operational technology (OT) environments – including everything from industrial equipment to HVAC controllers and elevators.

Microsoft’s threat intelligence has revealed an increase in threats exploiting OT controllers and IoT devices like routers, printers and cameras, driven largely by hybrid workplaces and the growing interconnectivity among organisations.

The IT world is increasingly being brought together with the OT world, introducing new and severe risks, with attackers now able to jump between formerly physically isolated systems. Suddenly everything from cameras to smart conference rooms are providing hackers with new entryways into workspaces and other IT systems.

AI is becoming more mainstream

The good news, however, is that AI and machine learning are arriving in technology’s mainstream. The Microsoft-IDC research shows that around 39% of companies in South Africa plan to address security concerns by improving the automation of processes and integration of technologies.

And while there has long been a perception that attackers – even those using age-old techniques – have the advantage of surprise, AI can swing the agility pendulum back in favour of defenders.

Al empowers defenders to see, classify and contextualise much more information, much faster. Its radical capabilities and speed give defenders the ability to deny attackers their agility advantage.

The growing skills gap will become less challenging

AI also enables human defenders to operate more quickly and efficiently than before. This is key for IT teams across the region, given the growing skills gap among security professionals. Around 53% in South Africa identified upskilling as a vital step to increase the level of security in their organisation, according to the Microsoft-IDC research.

Automated and intelligent tools empower security professionals to focus on security strategy and culture rather than sitting behind a computer watching and managing incoming signals that indicate attacks or zero-day vulnerabilities. The more teams can use AI to provide clear views of cyberthreats, the more they can open the door for entry-level talent, while also freeing highly skilled defenders to focus on bigger challenges.

AI is a new area for defenders, and as organisations increasingly develop new AI systems, they need to understand how these systems can be breached, and how attackers can leverage AI systems to carry out attacks. This is where innovative new tools like Microsoft Counterfit can play a pivotal role in helping security teams conduct AI security risk assessments and think through such attacks.

Though Al won't be the silver bullet that solves security in 2023, it is the turning point for rapid acceleration in protecting against bad actors. Businesses simply cannot afford to underestimate the way AI innovation over the next few years will impact the security industry in South Africa.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...
SIEM rule threat coverage validation
Information Security News & Events
New AI-detection engineering assistant from Cymulate automates SIEM rule validation for SecOps and blue teams by streamlining threat detection engineering with automated testing, control integrations and enhanced detections.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...
Cybersecurity in South Africa
Information Security
According to the Allianz Risk Barometer 2025, cyber incidents, including ransomware attacks, data breaches and IT outages, are now the top global business risk, marking their fourth year at the top.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.