Critical infrastructure: Combat cyberattacks in SA

As cyberattacks become more sophisticated and aggressive, South Africa needs an urgent and integrated approach to protect its critical infrastructure, warns Adius Ncube, partner in the public sector practice at management consultancy Oliver Wyman.

“The digital transformation in South Africa has been incredible, but the increase in digital footprint has also expanded the opportunities for cybercriminals. The threat to critical infrastructure, such as healthcare systems and utilities, is very real and needs to be addressed,” Ncube emphasises.

With attacks growing in frequency and severity, the country’s current state of readiness may leave it vulnerable to significant disruption. Major global incidents, like the Colonial Pipeline attack in the United States and ransomware attack on the UK’s National Health Service, underscore the urgency of the situation.

A growing global problem

“The experiences of other countries are a stark warning that no one is immune. South Africa is yet to suffer a major cyber incident, but it’s only a matter of time if we don’t take the right steps,” cautions Ncube.

The rise of cyberattacks is not just a concern for larger countries. Even smaller nations like Estonia and Costa Rica have been victims of significant cyber incursions. In South Africa itself, recent statistics by Interpol reveal that 34% of business email compromise events recorded on the continent were localised within the country.

What is needed, Ncube explains, is an integrated approach that unites various arms of the state and leverages the latest in prevention and response strategies.

“Clear policy, education, skill development, intelligence sharing, and proper response planning are the building blocks for a robust defence against cyber threats,” he elaborates.

South Africa’s existing National Cybersecurity Policy Framework (NCPF) provides a basis for this approach, but more work is required. Ncube identifies human error as a particular weakness, with 95% of cybersecurity issues stemming from it.

“People must be educated on the risks and the simple mistakes that can lead to a breach. Social engineering and phishing attacks are extremely effective, and without proper understanding at all levels, we remain exposed,” he stresses.

Challenges in building a cyber resilient nation

One of the challenges highlighted by Ncube is the difficulty in hiring and retaining cybersecurity talent. A study by Fortinet revealed that 40% of South African companies struggle to find and keep qualified cybersecurity professionals, and 86% had suffered at least one cyberattack due to lack of skills within the last year.

“In a world where it’s not a question of ‘if’ but ‘when’ an attack will occur, we must be prepared with an integrated response plan. Quick and coordinated action will minimise damage and help get essential services back on track,” advises Ncube.

This plan should outline roles, responsibilities, and include comprehensive strategies for investigating successful attacks, patching vulnerabilities, and communicating with stakeholders.

Ncube’s insights serve as both a warning and a call to action for South Africa. While the country has made significant strides in cybersecurity, the rising threat requires continuous effort and collaboration across all sectors.

“Right now, South Africa has the right building blocks in place for a fully integrated approach, but there’s more to be done. An integrated approach won’t stop every attack, but it will prevent many more and can mitigate the impact of any such attack,” he concludes.

READ NEXT: Why is no one talking about venture building in Africa?