Safeguarding AI investments in SA: Navigating key security imperatives

Doug Woolley, General Manager and Vice-President, Dell Technologies South Africa.

---

Across South Africa, artificial intelligence (AI) is redefining industries, inspiring innovation, improving operations and driving growth. The government and businesses are capitalising on AI's potential to enhance customer experiences and gain a competitive advantage.

Forecasts indicate that AI could contribute trillions to the global economy by 2030, while in South Africa the AI market is projected to reach $1.04 billion in 2025 alone, and a market volume of $4.19 billion by 2031. However, as businesses and governments adopt AI at an accelerating pace, new security challenges arise, demanding vigilant attention to protect these investments.

The success of AI in South Africa depends on addressing three critical security imperatives. Businesses need to manage risks associated with AI usage, proactively defend against AI-enhanced attacks and employ AI to enhance their overall security posture.

AI’s reliance on vast amounts of data presents unique challenges, particularly for South Africa with our stringent Protection of Personal Data Information Act (POPIA). AI models are built, trained and fine-tuned with this data, making its protection paramount. Further afield, the EU has been steadily strengthening its cyber security posture through regulations like the Digital Operational Resilience Act (DORA), NIS2 Directive, the Cyber Resilience Act and the recently launched EU AI Act – all of which introduce stringent cyber security requirements that businesses leveraging AI must meet to ensure resilience and compliance. Missteps in handling data could lead to compliance failures, breaches or reputational damage.

Beyond data protection, the AI life cycle comes with broader risks related to system availability, data integrity, compliance and governance. The reassuring news is that tried-and-tested cyber security principles, such as least privilege access, robust authentication controls, monitoring and input/output filtering, still serve as valuable tools for securing AI systems. Implementing these measures effectively, however, requires upskilling security teams to understand and manage the specific nuances of AI technologies.

To better address AI risks, organisations should also integrate risk considerations across ethical, safety and cultural domains. A multidisciplinary approach can help ensure AI is deployed responsibly. Establishing comprehensive AI governance frameworks is an essential first step. These frameworks should include perspectives from experts across the organisation to balance security, compliance and innovation within a single, cohesive risk management strategy.

While AI has enormous potential, bad actors are employing this technology to enhance the speed, scale and sophistication of attacks. Social engineering schemes, advanced fraud tactics and AI-generated phishing e-mails are becoming more difficult to detect, with some leading to significant financial losses. Deepfakes, for instance, are finding their way into targeted scams aimed at compromising organisations. A 2024 ENISA report highlights that AI-enhanced phishing attacks have surged by 35% in the past year, underscoring the need for stronger cyber security measures. According to Dell Technologies Innovation Catalyst Research, 59% of South African respondents believe GenAI will introduce new security and privacy challenges.

Although many AI-enabled threats build on established attack methods, they require businesses to evolve their defences. Implementing AI-powered security tools and educating employees on recognising these advanced tactics are essential steps to counteract evolving threats.

Organisations must prepare for an era where cyber attacks operate at machines’ speed. Transitioning to a defensive approach anchored in automation is key to responding swiftly and effectively, minimising the impact of advanced attacks. A future of duelling AI agents in the cyber security domain may not be far off.

AI’s capabilities offer organisations powerful tools to fortify their defences. With its ability to detect vulnerabilities, predict risk and accelerate response times, AI is emerging as a critical asset in the fight against cyber threats. Organisations are increasingly integrating AI into cyber security strategies, viewing it as a critical enabler of more proactive, dynamic defences. In fact, Dell Technologies’ 2024 Innovation Index reports that 72% of organisations view AI as essential to their cyber security strategies, with 65% already implementing AI-driven security solutions.

Here’s how organisations can leverage AI to enhance security:

• Secure software development: AI can improve coding processes by detecting weaknesses early, helping teams reduce vulnerabilities in the development phase.
• Advanced threat prediction: AI’s algorithms can identify patterns and anticipate potential attack paths, aiding teams in proactive risk allocation.
• Enhanced threat detection: By processing vast datasets in real-time, AI can discern genuine threats from noise with unprecedented accuracy.
• Automated incident responses: AI tools can significantly accelerate containment and mitigation following an intrusion, reducing response timelines.
• User awareness programmes: AI-powered systems can deliver tailored security training to employees, fostering vigilance and reducing human errors that often lead to breaches.

For many businesses, the adoption of these advanced AI-driven tools will rely on partnerships with technology providers. It’s critical to ensure internal processes and data are structured and simplified to fully support the power of AI-enabled cyber security solutions. An automation-first approach ensures that businesses can adapt to a future where autonomous threats are the norm.

AI has moved beyond emerging technology status and now plays a central role in digital transformation in South Africa. Yet, its benefits can only be realised if businesses address its accompanying risks with diligence and foresight. Securing AI capabilities means embedding cyber security principles at every stage of development, testing and implementation.

Companies that approach AI security with robust protections and innovative strategies will not only mitigate risks but position themselves as industry leaders. By addressing the three imperatives of managing risks, countering threats and leveraging AI for security, businesses can unlock AI’s full potential while navigating the regulatory and threat landscape effectively.

Secured properly, the innovation AI enables will drive sustainable growth for businesses across South Africa, setting them up to thrive in an increasingly digital and data-centric world. The future belongs to those who innovate securely, balancing progress with responsibility.