Fifty percent of organisations in South Africa have experienced up to four cyber attacks over the past year, while 10% experienced nine or more. The country’s vulnerability has been exposed, with just 4% of organisations reporting no cyber attacks in the last 12 months.
This is according to the 2024 Cybersecurity Skills Gap Global Research Report released by Fortinet, based on a survey of 1 850 IT and cyber security decision-makers across 29 countries, including South Africa.
Experts believe a lack of awareness and qualified professionals are key contributing factors to the situation South Africa finds itself in.
According to Fortinet, the data collected specifically from South African respondents reveals a concerning picture of the nation’s cyber security preparedness and resilience.
The financial impact of breaches has been severe, with 39% of South African respondents reporting losses exceeding $1 million, and at least one organisation suffering a loss of over $6 million.
“Clearly South Africa is a prime target for attacks, yet globally we are lagging in terms of cyber security investments,” said Julie Noizeux, channel manager at Fortinet South Africa.
Skills paradox
The research highlights a complex skills landscape. While 60% of South African respondents blamed attacks on insufficient in-house cyber security skills or trained IT staff, and 58% cited a lack of cyber security awareness, only 36% reported difficulties in recruiting talent and just 28% struggled with retention.
Noizeux notes that cyber security skills are scarce globally, with South Africa facing additional challenges due to the brain drain of skilled professionals seeking opportunities abroad. Some organisations are adapting by using advanced technology and partnering with managed security service providers, who offer the full security stack and management of the environment.
Unified approach
Noizeux advocates a unified cyber security approach: “By leveraging a unified cyber security fabric or platform that connects with multiple products, organisations can achieve a unified view of the entire environment, achieving consistent policies, management and control.”
This strategy simplifies operations, reducing the need for staff to master multiple technologies and enabling more efficient use of human resources. “Machine learning and AI are increasingly taking on complex cyber security tasks. These technologies can automate threat detection and response, which helps reduce the burden on staff for routine, manual processes,” she adds.
According to Fortinet, a multi-faceted approach combining skills development, outsourcing, advanced technologies, and early education may be key to bridging the cyber security skills gap and strengthening the nation’s digital defences.
Share