Dr Jabu Mtsweni, research group leader for cyber defence at the CSIR.

Dr Jabu Mtsweni, research group leader for cyber defence at the CSIR.

Barely a day goes past without a story of a data breach or hack making the headlines. Targeted attacks, denial of service (DDOS attacks), ransomware – these are just a few of the challenges that businesses have to face today.

Add to that an increasingly connected world, with the Internet of things on the rise, and trends such as cloud and BYOD adding to the risk, and it's easy to understand why businesses are struggling to keep up with the slew of threats that are endangering today's enterprises.

Dr Jabu Mtsweni, research group leader for cyber defence at the CSIR, says the looming legislative change in South Africa is also driving increased cyber-security awareness and culture in the business environment and government. "We see that the cyber crime and cyber security bill recently tabled in Parliament has the potential to stimulate and build a robust cyber-security posture in South Africa. However, these efforts might be hampered by the delays in actually putting the legislation into action."

He adds that data breaches and general cyber attacks continue to remain unreported by organisations due to fear of reputational damage and suchlike in SA and that this trend is creating a "false sense of security" and the incorrect perception that SA in not badly affected by cyber attacks.

"Recently, it has been shown that there are a lot of data breaches that continue to wreak havoc in South African organisations, but these are not reported when they happen and users affected by these data breaches are not even informed. A recent example includes a data breach from Ster Kinekor that affected over 6 million personal customer records. This information only came to the public via a third party."

Another trend, he says, will be an increase in ransomware attacks on mobile devices and other IOT devices, that will start to emerge as cyber criminals intensify their efforts to get more data and money from citizens and exploiting the low levels of cyber-security awareness in the country.

Finally, he says there is a strong need to have home-grown cyber security technologies, and as such we see a number of cyber security technologies coming out from local organisations. "However, in this space, there is still a lot of work and challenges to be overcome."

Dr Mtsweni will be discussing these, and other trends shaping the IT security landscape in SA in 2017, during the ITWeb Security Summit 2017, to be held from 15 to 19 May, at Vodaworld in Midrand.