data released by cybersecurity firm Check Point shows that there has been a 37% increase in cyberattacks across Africa over the past 12 months.
The increase in cyberattacks and data breaches (more than 150 data breaches reported every month) across all sectors is costing South Africa billions of rands annually. This money could be better spent on service delivery interventions and economic growth.
The Council for Scientific and Industrial Research’s national cybersecurity survey shows that 88% of organisations face one to five cyberattacks a year, with phishing and ransomware attacks being the most common, resulting in data and financial losses. Recent cyberattacks on critical national infrastructures such as the National Health Laboratory Service and Transnet have demonstrated the vulnerability of South Africa’s institutions to cyber threats. The department of public works and infrastructure also recently announced significant financial losses as a result of cybercrime, with estimates reaching R300 million over the past three years.
Moreover, nation-state cyberattacks are becoming more frequent and sophisticated, posing a threat to national security. A notable incident in Lebanon and Syria, where pagers were remotely detonated, demonstrates the growing sophistication of these attacks. To mitigate these threats and protect national sovereignty, countries such as South Africa must invest in strategic measures and build security-aware, innovative leadership.
Cybersecurity efforts in South Africa
In 2012, a national cybersecurity policy framework (NCPF) was gazetted to begin addressing the national cybersecurity challenges. From this framework, several initiatives were implemented, including the Cybersecurity Hub, the Cybersecurity Centre, the Cyber Command as well as the Cybersecurity Response Committee (CRC).
A defence review in 2015 emphasised the military’s crucial role in protecting the country’s cyber borders. The Cyber Command is intended to address this need, but is hampered by budgetary and facility constraints, as presented in parliament in 2023. This facility would play a critical role in protecting our cyber borders if adequately resourced. The Cybercrime Act, 2020 (Act 19 of 2020), although promising, faces implementation difficulties because of limited resources.
Ten years later, the primary challenges remain with our cyber borders being exploited by cyber criminals, terrorist organisations, nation state hackers and insider threat actors. This suggests that some of the existing interventions are inadequate, ineffective or have not been matured to the required levels, because of limited funding and leadership appreciation of the high risks posed by cyber threats.
A case for strategic and thought leadership for cyber resilience
At a national level, cybersecurity is often underestimated as a crucial aspect of national security. It is viewed as a purely technological concern, rather than a broader strategic issue. While government investment in this area is limited, the financial sector has made significant investments in cybersecurity, amounting to billions with a goal to protect their critical business environments.
This reflects a recognition of the importance of leadership in driving a cybersecurity agenda to develop skills, deploy necessary controls, infrastructure and tools to arrest the scourge of cyber threats. As such we put forward a case that South African leadership should understand that cyber threats pose a significant risk to service delivery, economic growth and national security.
Strategic leadership is crucial to navigating cyber challenges and building a resilient cyber ecosystem. These include advocating for the implementation of the national cybersecurity strategy, which has been delayed for an extended period. This strategy is essential for setting the tone, investing in capability development and resources, and fostering a culture of cybersecurity.
The national cyber strategy that aligns with key priorities is paramount and must be driven from the top. At a high level, it should prioritise securing cyberspace, projecting dominance in cyberspace and investing in continuous capability improvements.
First, visionary leadership must recognise the importance of protecting the digital realm, just as nations safeguard their physical domains. This task encompasses several considerations such as developing human capital, legal and procedural instruments, cyber infrastructure, home-grown technologies, strategic partnerships and collaborations and other necessary capabilities to protect against these cyberattacks and threats. Without these, the cyber threats could continue unabated, and we risk cybercriminals and other nation-states gaining uncontrolled influence in our domestic affairs.
Second, strategic leadership must ensure that the nation projects itself in cyberspace for the national interest. This could include a national cyber capability for situational awareness and for combatting cyber terrorism, misinformation and disinformation; limiting reliance of foreign technologies and mitigating against collateral cyber implications.
Last, visionary leaders who are cyber conscious and appreciate the speed at which technology advances should ensure that the nation is continuously sustaining, developing and improving the capabilities of the state to protect and defend itself in cyberspace. This must be done through strategic and directed research, development, and innovation. In addition, we must collaborate with regional and international partners to enhance cyber resilience by sharing best practices, intelligence, information and resources.
Sun Tzu said in his famous book, The Art of War, “Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win.” This metaphor highlights the effect of proactive and visionary leadership compared to reactive leadership.
The protection of the digital space is paramount to South Africa’s economic growth, social development and national security. And as such, strategic and effective leadership in government, the private sector and civil society is non-negotiable. The protection of our cyber borders is no longer just a technology issue, but a national security issue that, if left unattended, will continue to have devastating implications including threatening the country’s sovereignty and economy.
Dr Jabu Mtsweni is the head of the Information and Cyber Security Centre at the CSIR and a research fellow at the Stellenbosch in Security Institute for Governance and Leadership in Africa.
Mphahlela James Thaba is the impact area manager in technology for special operations at the CSIR and pursuing his doctoral degree at the University of Johannesburg specialising in engineering management.