South Africa's government and its cybersecurity ecosystem face significant challenges in advancing and enforcing regulations. Failure to do so could increase vulnerabilities and cause the country to fall further behind globally.
According to cybersecurity and financial services professionals, the country’s slow approach to regulation and enforcement is just one of many issues that need attention.
At the 4 Digital Dawn event, presented by the South African ICT Association (SAICTA) in partnership with Nedbank and the Flanders Investment & Trade agency, Elmarie Biermann, founder and director of the Cybersecurity Institute, highlighted a common misconception: many organisations believe that compliance with data protection and cyber security regulations equates to full protection.
"This is not the case," said Biermann. "Regarding PoPIA, the Information Regulator is really showing some teeth, and that is going to grow in terms of the Act. But compliance—in most cases—is a tick-box exercise and does not equal security."
Biermann added that "there’s no endpoint"" to managing cyber risk. "It isn't a final destination; it is a continuous cycle."
Law enforcement challenges
Vickus Meyer, divisional executive: risk, shared services & security at Nedbank, explained how the bank uses intelligence to assist its security analysts. “We’ve built a whole bunch of automation to understand the security logs that come through, work through all that data and present – hopefully by eliminating false positives – the items that we really want the security analysts to look at.”
Meyer stresses the importance of collaboration between the private sector and law enforcement/government agencies to respond to cyber security incidents.
“Law enforcement agencies in South Africa are not up to speed with how we deal with cyber crime matters…we continue to work with the different agencies that are available to us and where we can, we provide them with information to help them enforce the law, but there’s lots of work that needs to happen from an enforcement perspective. Regulatory-wise, we tend to adopt international practices, so that at least gives us an idea of what is to come. From a PoPI perspective, we are also seeing that the privacy regulator is starting to flex its muscles and ensure compliance."
Biermann pointed out that the government's cybersecurity strategy is still not in place, despite the many years since they started developing it.
She said in terms of incident response, South Africa has the Cybersecurity Hub, the country’s National Computer Security Response Team, but she rated it as "dysfunctional”.
According to Biermann, sectors like banking and communications are making an effort to strengthen Cyber Incident Response Teams, build threat intelligence and leverage bodies like the South African Banking Risk Information Centre (SABRIC) and the Communication Risk Information Centre (COMRiC).
“What happens is that your private sector has to then build that from the ground up, that’s why SOCs and intelligence centres are sector specific, but mainly private sector-driven,” she noted.
Participants in the discussion agreed that while AI, GenAI, cloud and data security continue to shape South Africa’s cyber threat landscape, instead of solely relying on emerging technologies, organisations should focus on basics like vulnerability management, multifactor authentication, and patch management.
This approach is crucial for addressing challenges such as supply chain compromises, skills shortages, human error, exploitation, and the expected rise in digital surveillance.
Share