The public internet is transitioning from being known as a core business enabler to – in many ways – an increasingly worrisome liability. Historically viewed as the great connector – open, accessible, and essential – the public digital environment is becoming difficult for enterprises to trust.
Richard Ford, Group CTO at Integrity360, says executives are being forced to ask the question of how much their business should still depend on a public digital environment they do not fully control. And now digital dependency on the internet may be optional after all.
The concept of a private internet doesn’t mean abandoning the public internet altogether, but it does point to a broader shift towards controlled digital environments where mission-critical systems are protected with greater intent, particularly for sectors like mining, manufacturing, logistics and finance.
“South African organisations are under pressure from more than one direction because they’re dealing with infrastructure uncertainty, growing digital dependence, and cyber attackers who understand the costs of downtime all too well. Given these realities, it’s understandable that digital control is becoming a corporate priority.”
The retreat to the enclave
The original promise of digital transformation was built on the relatively open connectivity among cloud platforms, remote access, connected devices, and online services, which have allowed organisations to move faster and operate across more complex value chains.
But that same progress has also created new levels of exposure as every connected system, supplier portal, remote user, cloud application and industrial device can become part of the attack surface.
At the same time, operational environments that once ran separately from corporate IT are more linked than ever, which opens the door for a cyber incident to be able to quickly become an operational one.
Businesses that cannot afford prolonged disruption are beginning to rethink the architecture itself.
This may include private networks, stronger segmentation between IT and operational technology, secure access strategies, dedicated connectivity for high-value environments, managed detection and response, and more rigorous control over who can access critical systems and what they can access.
It is about physical and logical decoupling in select, priority environments, where some organisations are now deploying private, standalone 5G networks.
These networks operate on licensed, localised spectrum, allowing automated machinery, logistics systems, and core data processing to communicate directly with one another without exposing their data packets to the public internet.
“Rather than make an organisation invisible and disconnected, the goal is to reduce unnecessary exposure and make sure that the systems most critical to operations are not treated the same way as ordinary internet traffic,” notes Ford.
Digital sovereignty becomes a business issue
Globally, cyber strategy is being shaped by geopolitical fragmentation, AI-enabled attacks, supply chain complexity and growing concern about who controls digital infrastructure, which, for South African organisations, are compounded onto local realities.
“Having greater control over the digital assets, infrastructure, data, and dependencies that keep the organisation running does not require every company to own every layer of technology, but it does require leaders to know where their most important systems sit and how quickly they can isolate and recover them if something goes wrong,” explains Ford.
“Private digital environments form part of this thinking because they allow organisations to create more predictable conditions around their highest-value operations. In a private or highly segmented environment, access can be tightly governed, traffic can be monitored more closely, and compromise can be contained before it spreads across the business.”
The new divide
There is, however, a risk that this shift creates a new kind of digital divide. Large enterprises may have the budget to invest in private networks, dedicated security operations, managed services and sophisticated resilience programmes.
Smaller businesses, which often form part of the same supply chains, often remain dependent on standard connectivity and fragmented security tools. The challenge is that attackers rarely think in organisational silos, but look for the easiest route into the value chain, and a smaller service provider can become the doorway into a much larger organisation.
Ford says that despite the disparities, principles of risk reduction still apply, including improving identity controls, implementing multi-factor authentication, segmenting critical systems, using managed detection and response where internal capacity is limited, testing incident response plans, and reviewing third-party access.
“Digital sovereignty should not become something only large enterprises can afford. Every organisation can make better decisions about what needs stronger protection, what should be separated, what should be monitored and what should never be exposed without good reason.”
Acting like a digital landlord
“The public internet will remain essential, but organisations need to be more deliberate about what they expose to it. Building resilience within this framework will require businesses to understand their dependencies and take far greater control of the environments that keep the business moving. In that sense, the future may not be a retreat from the internet, but a more mature relationship with it,” adds Ford.
Share
