National cybersecurity implementation in South Africa: The conundrum question

Abstract

Cybersecurity has evolved over the years, and today cyberattacks instigated by cyber-criminals, nation states, or insider threat actors are part of regular headline news. In South Africa and around the world, the number of cyberattacks or incidents in the public and private sectors have been on an increase over the past few years, but are more prominent since the emergence of the COVID-19 pandemic. The ransomware attacks and data breaches are more common. Recent research studies indicate that in 2020 countries such as India reported over 50 000 cybercrimes (12% increase from previous year) and Australia reported a 13% increase in 2020 with one in four of the cyber incidents targeting critical information infrastructure. In August 2021, the Information Regulator indicated that close to 40 organisations reported suffering a security breach in South Africa. All these cyber incidents come at a cost estimated to be at $500 billion per annum, negatively impacting 20% of the businesses; whilst in South Africa, the South African Banking Risk Information Centre (SABRIC) predicts cybercrime losses to be over a billion every year and that the attacks will be increasing. The developed countries are not protected either, as a recent study from Checkpoint indicates that ransomware attacks have increased by 93% in 2021 with Europe, the Middle East, and Africa seeing the highest growth. In the United States, authorities have also observed over 500 attacks in 2021 that have been perpetrated by the Conti ransomware.