What to expect from South Africa’s cybersecurity landscape in 2024
As widely reported last year, South Africa received the most cybersecurity threats on the continent by far – 230 million compared to second-placed Morocco’s 71 million in 2022.
Virodh Sunderlall, Product Manager at Services and Solutions Aggregator Tarsus On Demand, says South Africa is particularly vulnerable because of affordability challenges. “More developed countries have more funds available to buy multiple security systems. Our economy has not been at its strongest, so people try to lower expenditure by cutting expenses that don’t generate money, such as security and insurance. This leaves enterprises open to attack.”
South Africans are, however, learning that cybersecurity is not a luxury, as with protection of physical property, he says. As the country ramps up its safeguards, here are five top trends to look out for in 2024:
1. Multilayered security
Multilayered security was a key strategy for Tarsus On Demand and its partners in 2023, and will remain so in 2024, says Sunderlall. “With cyber threats becoming more sophisticated and diverse, relying on a single security layer is no longer sufficient. Multilayered security involves combining different security measures such as firewalls, encryption, access controls, behavioural analytics, and endpoint protection to create robust defences against potential breaches.”
This strategy also allows for adaptation to new threats - if one layer is breached, others can mitigate the risk, reducing the chances of a successful attack.
“Multilayered security has become so important that security vendors are now creating APIs to communicate to other vendors’ products on systems. This helps them leverage each other to bolster security strength. Forward-thinking companies will implement these APIs in 2024,” says Sunderlall.
2. Better email protection
Between 90-95% of all security breaches happen through email, says Sunderlall. “As with home security, your most-used entry points are also the most vulnerable. Usually, that’s email. Almost every security vendor is trying to solve this, and we’ll see the most movement in this area in 2024.”
New regulations on Domain-based Message Authentication, Reporting and Conformance (DMARC) compliancy, which governs how emails are sent, also come into effect from March 2024 and will affect security products going forward.
3. More options, with more flexibility
Fixed term contracts are falling out of favour, with multiple vendors now offering customers more flexibility, says Sunderlall. “Vendors are no longer tying customers and partners into 12-month security contracts. Instead, they’re restructuring offerings around monthly payments, and making products easier to integrate and to scale up and down as needed.”
Vendors are also offering multiple solutions, where they used to focus on one or two products. “Consumers want more choice, and vendors are giving the market what it wants. Tarsus On Demand, for example, is now offering AWS alongside Microsoft and multiple cybersecurity stacks, making us one of very few authorised AWS distributors in Africa.”
4. Cyber insurance
As threat vectors increase and more companies are being held ransom by attackers, cyber insurance products will become more necessary, says Sunderlall. “These products have only recently started seeing the light, but they’ll become commonplace very quickly. Soon, cyber insurance will be a standard and necessary business expense, like building insurance is.”
5. AI defences
AI has been the most talked-about topic in security globally this past year, and we’ll see more real-world use cases in 2024, says Sunderlall. “We’ve seen some great AI-based defensive tools come out, especially in email security. And it became much more accessible this past year, with products like Mimecast becoming available to end users.
“But the converse is that AI is also being used to attack systems. It’s a double-edged sword and it’s not quite clear what it’s capable of yet. We can expect to see some big developments in the field this coming year, both good and bad. It’s going to be interesting to keep an eye on these developments as they shape the future.”
The challenges posed by the sheer volume of cyber threats, combined with economic constraints, have catalysed a strategic shift in the approach to cybersecurity. The adoption of multifaceted security measures, improved email protection, flexible vendor options, the emergence of cyber insurance, and the utilisation of AI in defence mechanisms underscore a proactive and dynamic response to the growing complexity of cyber threats. While these developments herald a more secure digital environment, they also signify a new era of continuous adaptation and vigilance.