Half of organisations in South Africa reported multiple cyber security incidents in the last year, and the majority suffered at least one security breach, according to a new survey by the Council for Scientific and Industrial Research (CSIR) Information and Cybersecurity Centre.
The CSIR in collaboration with the Cybersecurity Hub under the Department of Communication and Digital Technologies this week announced the release of four national cyber security surveys conducted at the end of the 2023/24 financial year. Over 300 responses were collected for each survey, resulting in a total of over 1200 individuals and organisations participating.
One of the key findings concerned the prevalence of cyber attacks: A significant 47% of organisations reported experiencing 1-5 cyber security incidents in the past year, underscoring the persistent threat landscape, the CSIR said.
A concerning 88% of participants admitted to suffering at least one security breach, with 90% of those organisations being targeted multiple times.
Malware and phishing attacks emerged as the most common cyber threats, with organisations reporting a high incidence of these attacks.
Only 32% of the respondents indicated that over half of their employees have received cyber security awareness training in the past year, indicating a serious gap in organisations’ seriousness in building cyber security awareness and culture.
A critical challenge identified by the surveys was the cyber security skills gap, with 63% of cyber security roles partially or fully unfilled. Retaining cyber security talent is another pressing issue, with 35% of professionals citing better offers, lack of training opportunities, and other factors as reasons for leaving their current positions.
Only 41% of the organisations are assessing and monitoring cyber threats on daily basis, indicating that majority of organisations are not prepared to deal with cyber threats which according to Telecom Review Africa, South Africa experiences almost over 20 million cyber security threats or attacks per month.
The CSIR found that financial institutions (88.0%) were considered the most important driver of the South African digital identity market. Over two-thirds mentioned both encryption and privacy technologies (71%) and biometrics (68%) as drivers, while half reported identity theft being a serious concern that can be addressed by digital identity.
Dr Jabu Mtsweni, Head of the CSIR Information and Cybersecurity Centre, emphasised the significance of these surveys, stating, “In today’s interconnected world, cyber security is a paramount concern. These national surveys provide a comprehensive assessment of our cyber security posture and highlight areas where we need to strengthen our defences as a country, and further they provide local and contextual research in this domain”.
Dr Kiru Pillay from the Cybersecurity Hub commented that while the integration of ICTs into daily life has greatly benefited society, increased digital connectivity also introduces significant risks, as cybercriminals exploit vulnerabilities in cyberspace. “Cyber security must therefore be prioritised as a strategic imperative across all aspects of governance and service delivery. Studies like these are crucial in helping us understand our current standing as a country and determine where we should focus our initiatives.”
Based on the survey findings, the CSIR recommends investing in cyber security infrastructure, education, and research; developing a skilled cyber security workforce; strengthening incident responses; improving digital identity; and fostering public-private partnerships.
The CSIR said it believes that by addressing these recommendations, South Africa can significantly improve its cyber security posture and protect its critical infrastructure and citizens from cyber threats.