The Council for Scientific and Industrial Research (CSIR) Information and Cybersecurity Centre, in collaboration with the Cybersecurity Hub under the Department of Communication and Digital Technologies, has released four national cybersecurity surveys conducted at the end of the 2023/24 financial year.

These comprehensive surveys delve into critical areas such as cybersecurity preparedness and resilience in the public sector, cybersecurity skills gaps, cybersecurity incidents and the digital identity landscape in South Africa.

As South Africa continues its rapid digital transformation, it is imperative to understand the cybersecurity challenges and opportunities facing the nation. These surveys provide valuable insights into the current state of cybersecurity in the country and offer recommendations for improvement by government and industry.

Key findings from the surveys:

Prevalence of cyberattacks: A significant 47% of organisations reported experiencing 1-5 cybersecurity incidents in the past year, underscoring the persistent threat landscape.

Data breaches: A concerning 88% of participants admitted to suffering at least one security breach with 90% of those organisations targeted multiple times.

Malware and phishing: Malware and phishing attacks emerged as the most common cyber threats with organisations reporting a high incidence of these attacks.

Cybersecurity awareness: Only 32% of respondents indicated that over half of their employees have received cybersecurity awareness training in the past year, indicating a significant gap in organisations’ seriousness about building cybersecurity awareness and culture.

Skills gap: The cybersecurity skills gap was identified as a critical challenge with 63% of cybersecurity roles partially or fully unfilled.

Talent retention: Retaining cybersecurity talent is another pressing issue with 35% of professionals citing better offers, lack of training opportunities and other factors as reasons for leaving their current positions.

Cybersecurity monitoring: Only 41% of organisations are assessing and monitoring cyber threats daily, indicating the majority are not prepared to deal with cyber threats. According to Telecom Review Africa, South Africa experiences almost over 20 million cybersecurity threats or attacks per month.

Digital identity: Financial institutions (88.0%) are considered the most important driver of the South African digital identity market. Over two thirds mentioned encryption and privacy technologies (71%) and biometrics (68%) as drivers while half reported identity theft as a serious concern that can be addressed by digital identity.

Dr Jabu Mtsweni, head of the CSIR Information and Cybersecurity Centre, emphasised the significance of these surveys: "In today's interconnected world, cybersecurity is a paramount concern. These national surveys provide a comprehensive assessment of our cybersecurity posture and highlight areas where we need to strengthen our defences as a country and they provide local and contextual research in this domain."

Dr Kiru Pillay from the Cybersecurity Hub said, while the integration of ICTs into daily life has greatly benefitted society, increased digital connectivity also introduces significant risks as cybercriminals exploit vulnerabilities in cyberspace. Therefore, cybersecurity must be prioritised as a strategic imperative across all aspects of governance and service delivery. Studies like these are crucial in helping us understand our current standing as a country and determine where we should focus our initiatives.

Recommendations

Based on the survey findings, the CSIR recommends the following actions:

Invest in cybersecurity: Increase investment in cybersecurity infrastructure, education and research.

Develop a skilled workforce: Prioritise development of a skilled cybersecurity workforce through training and education programmes.

Strengthen incident response: Enhance incident response capabilities to effectively handle cyberattacks.

Improve digital identity: Implement robust digital identity solutions to protect users online.

Foster public-private partnerships: Encourage collaboration between the public and private sectors to address cybersecurity challenges.

The CSIR believes, by addressing these recommendations, South Africa can significantly improve its cybersecurity posture and protect its critical infrastructure and citizens from cyber threats.

Methodology

The national surveys were conducted using a combination of telephone interviews and online questionnaires to reach a diverse sample of participants across South Africa. Particular focus was placed on larger provinces such as Gauteng, KwaZulu-Natal and the Western Cape to ensure a broad representation. Over 300 responses were collected for each survey, resulting in a total of over 1 200 individuals and organisations participating. This robust sample size provided a solid foundation for the survey findings and analysis.

Access the cybersecurity awareness and preparedness report here.