18 Mar Underfunding of cyber defences leaves organisations in South Africa exposed to cyberattacks

The latest report from Mimecast has warned that the underfunding of critical cyber defences is leaving South African organisations exposed to cyberattacks.

The report, titled Mimecast State of Email Security 2022 report, comes at the same time as findings from Altron Systems Integration also warned South African organisations faced an escalated risk of damage via cyberattacks as a result of the war in Ukraine.

The findings said: “Since the start of the war, there have been increased cyberattacks – the war is likely to redefine the relationship between kinetic and cyber warfare.”

It also added that many South African companies used tools and technology of Russian origin, which could also leave them at risk of cyberattacks.

The firm warned that South African organisations need to be on high alert and prepared in case cyber attacks happen, so they can act quickly.

Mimecast’s new research has found that 97 percent of South African organisations said they have been negatively impacted by a lack of budget for their cyber resilience efforts. The rising concern is also that cyberattacks are escalating, and businesses in South Africa might not be able to fight them.

Mimecast SA cybersecurity expert Brian Pinnock said 94 percent of South African companies have been targeted by email-related phishing attacks in the past year, with nearly two-thirds citing an increase in such attacks.

He said: “The cost of ransomware attacks are also piling up, with three in five organisations (60 percent) citing damage from a ransomware attack – up from less than half (47 percent) in 2020.

“And of companies paying the ransom, the average ransomware payment breached R3.2 million (Mimecast State of Ransomware Readiness report), despite nearly half (43 percent) of such payments resulting in companies being unable to recover their data.”

The latest report, which tracked responses from 1,400 IT and cybersecurity professionals in 12 countries, found that South African organisations allocated on average 12 percent of their IT budgets to cyber resilience, which is below the global average of 14 percent.

Mimecast SA said while this might not seem like a big difference, it highlighted that more than half of South African respondents (53 percent), have less than 10 percent of their budget allocated to cyber resilience, compared to only a third (34 percent) saying the same globally.

On average South African security professionals said they need a 21 percent budget allocation to enable them to ward off incoming cyberattacks and other threats, especially at a time when nearly all cyberattack types were growing in volume and sophistication.