MPs give Malatsi hard time for attempting to ease transformation requirements for certain companies
CAPE TOWN - Communications and Digital Technologies Minister Solly Malatsi has come under fire in Parliament for attempting to ease transformation requirements for certain companies.
Members of Parliament (MPs) have also accused Malatsi of overstepping his executive powers when he gazetted new regulations that don't require international companies to give a 30% ownership to a historically disadvantaged South African as required by Broad-Based Black Economic Empowerment (BBBEE) legislation.
But Malatsi defended the move during a portfolio committee meeting in Parliament on Tuesday, saying it also promotes transformation and will benefit the economy and the Information and Communication Technology (ICT) sector.
ALSO READ: Malatsi defends policy directive to ease company transformation targets and BEE requirements
Most political parties have rejected the policy move by Minister Malatsi, with some going as far as calling for his resignation.
But Economic Freedom Fighters (EFF) MP Sinawo Thambo accused Malatsi of trying to amend legislation, including BBBEE laws, through the regulations.
"I think that speaks to the overstepping of executive powers has been spoken to in the house. That is my primary legislative concern," said Thambo.
Meanwhile, the African National Congress (ANC)'s Shaik Subrathie questioned whether Malatsi and the Democratic Alliance (DA) are trying to favour Elon Musk's Starlink with the regulations.
"The party that he represents, which is the DA, have they had any conversations with Elon Musk and Starlink?" Subrathie asked.
But Malatsi assured MPs that the regulations aren't a special dispensation for Starlink and urged members to allow the process to unfold, including the public consultation process, instead of withdrawing the gazette.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
IOL News
32 minutes ago
- IOL News
Unlocking data sovereignty: Minister Malatsi's vision for South Africa at Africa Tech Week 2025
At Africa Tech Week 2025 Minister Malatsi unveils South Africa's ambitious strategy for data sovereignty, amidst a surge of investment from global tech giants. As South Africa cements its position as a leading hub for data centres and cloud computing in Africa, the government is taking decisive steps to ensure the country remains both competitive and secure in an increasingly digital world. At Sentech Africa Tech Week 2025, set to take place from 3–4 June 2025 at the Century City Conference Centre in Cape Town, Hon. Solly Malatsi, Minister of Communications and Digital Technologies, will deliver a landmark address on South Africa's Strategic Approach to Data Sovereignty . This keynote comes at a pivotal time, as global tech giants such as AWS, Google Cloud, and Microsoft continue to invest heavily in African infrastructure. The Minister will outline how South Africa is aligning regulatory frameworks with international best practices to attract investment while safeguarding national interests. Key highlights of the address will include: Regulatory reforms aimed at balancing innovation with cybersecurity compliance ● Promotion of renewable energy for data facilities to support sustainable growth ● Building a secure digital ecosystem that supports global cloud leaders and local innovators alike Policy initiatives to ensure data sovereignty and protect citizen information. The session promises to be a defining moment for policymakers, enterprise leaders, and technology stakeholders seeking clarity on how Africa's most advanced digital economy is navigating the complex intersection of regulation, security, and growth. Streaming the Future: Sentech hosts panel on unlocking growth in media & OTT Services Also featured prominently on Day 1 of the conference is a high-level panel discussion hosted by Sentech, titled: 'Streaming the Future: Unlocking Growth in Media and OTT Services'. As traditional broadcasting continues to evolve into digital-first platforms, the rise of Over-The-Top (OTT) services represents both a challenge and a massive opportunity for Africa's media industry. This panel will bring together top executives to explore how infrastructure providers and tech innovators can collaborate to expand access, enhance content delivery, and monetise new digital audiences across the continent. Panellists Include: Kopano Thage, Chief Commercial Officer – Media Business, Sentech Shoeshoe Qhu, CEO, Media Development and Diversity Agency (MDDA) Yokow Quansah , Managing Director, Broadsmart The conversation will cover: Data-driven viewer insights to improve engagement and retention Local content strategies that resonate with African audiences Next-generation streaming technologies that overcome bandwidth limitations Partnership models between broadcasters, tech firms, and regulators to enable scalable growth With Africa's digital audience growing rapidly, this session will provide actionable insights into how the continent can harness its creative potential while building a robust, future-ready media ecosystem. Sponsors Sentech Africa Tech Week 2025 would not be possible without the generous support of our sponsors, whose commitment to innovation and progress is helping drive Africa forward. A special thank you to: Platinum and Naming Rights Partner: Sentech SOC Gold Sponsor & Premium Digital Partner: / InterviewMe Ltd ● Host City Partner : The City of Cape Town Crypto Coffee Counter Sponsor: Binance Silver Sponsors: Softswiss , Absa Bronze Sponsors: XLink , The AdHive Group , Africa Data Centres , and InDrive ● Premium Showcase Sponsors : LexisNexis South Africa, GoSolr (Pty) Ltd, Pula Management, Nutanix and Dell Technologies Showcase Counter Sponsors: Zoho , OneX , Accso South Africa , 4IRI , Geeks4Learning / Reverside , Etapath , Astraia Technology , SETSIBI IT Support Services , ITTHYNK AI Photobooth Sponsor: Gold Otter Media Lifestyle Partner: Isanti Glass Strategic Partners : UVU Africa , BPESA , Good Governance Africa , Promedia Out of Home , StartupGrind Cape Town , Tractor Outdoor , Financial IT , Cape Times , and IOL Join the movement Media representatives are invited to attend and report on the event. For press accreditation or interviews with speakers and organisers, please contact: Thabiso Mohlabeng – For general event inquiries, sponsorship opportunities, or speaker details: marketing@ Visit for full agenda, registration,and updates. Get Tickets: About Sentech Africa Tech Week Africa Tech Week is a flagship event focused on unlocking digital transformation across the continent. Hosted by Topco Media in partnership with Sentech, the conference brings together visionaries and innovators to explore how technology can accelerate inclusive economic growth and development in Africa. Let's build Africa's digital future—together. Partnered Content
The South African
an hour ago
- The South African
Starlink triggers black ownership row in South Africa's parliament
South Africa's proposal to amend the Black Economic Empowerment (BEE) Act has provoked political outrage, with Elon Musk's Starlink at the forefront. The retaliation responds to Solly Malatsi's (Minister of Communications and Digital Technologies) Friday announcement, recommending they restructure the Electronic Communications Act, which requires 30% of foreign telecoms equity to be black-owned. Malatsi's proposition occurred two days after South African President Cyril Ramaphosa visited the White House, during which Cape Town-based billionaire Johann Rupert requested Musk's technology to tackle the nation's high murder rate. Starlink is yet to operate in South Africa as several neighboring countries grant access. Portfolio committee chair and African National Congress (ANC) member Khusela Diko declared Malatsi's scheme as bending the rules for Musk in a Parliamentary hearing on Tuesday. Moments later, Economic Freedom Fighters member Sixolise Gcilishe said, 'We are not going to accept a situation where our laws are going to be rewritten in Washington.' Meanwhile, ANC's Tshehofatso Chauke saw the policy as a threat to domestic business owners, believing it to offer an 'opportunity for international players to come through the back door' and 'favor big business rather than the interests of South Africans and those who are previously disadvantaged.' Democratic Alliance member Malatsi denied that Starlink played a role in the recommended policy change, stating that the amended framework had been internally discussed since around September of last year. 'We are not attempting to open a special dispensation for Starlink or any other company or an individual… There is no conspiracy on our part with regard to this policy direction,' Malatsi stated. The Minister revealed his intentions were driven by the need to attract investment and tighten business regulations. He believes the policy to be as domestically benefiting as the current BEE requirements, outlining that the reform offers foreign companies two avenues: an equity equivalent scheme or 30% black ownership. 'We advocate for smarter, scalable approaches that deliver meaningful impact and restore policy clarity, consistency, and investor confidence,' South Africa's Association of Communications and Technology said in a statement supporting Malatsi. The proposal has divided South Africa's cabinet, with some calling for legal intervention while others believe it doesn't object to current domestic laws. South Africa's BEE act, introduced after the conclusion of Apartheid, has been infamously criticized by Pretoria-born Starlink CEO Musk, who views the policy as 'openly racist.' Starlink has become increasingly prevalent in Africa – connecting pockets of rural Africa to fast internet – while steering clear of South Africa but operating in neighbors Eswatini, Botswana, Zimbabwe, and Mozambique. Other African locations include Nigeria, Kenya, Ghana, and Benin. South Africa's lawmakers will continue to discuss Malatsi's policy reform, suggesting that, amid the backlash, the door remains narrowly open to restructuring the ICT sector's current black ownership requirements, enabling Starlink to open up shop. Let us know by leaving a comment below, or send a WhatsApp to 060 011 021 1 Subscribe to The South African website's newsletters and follow us on WhatsApp, Facebook, X and Bluesky for the latest news.
Daily Maverick
an hour ago
- Daily Maverick
Data breaches and cyber vulnerabilities – SA's troubling lack of readiness revealed
South Africa is becoming globally notorious in a field that should really be avoided: cybersecurity failure. A recent report from Virtual Private Network provider Surfshark shows that South Africa ranks second on the continent for data breaches. Simultaneously, Cisco's 2025 Cybersecurity Readiness Index reveals a dangerous disconnect — while 85% of local companies believe they're prepared, just 7% meet the 'mature' threshold for actual cyber resilience. Daily Maverick's examination of leaked data on the dark web confirms a troubling truth: South African data is leaking at an industrial scale, driven by poor cyber hygiene and a digital environment outpacing its own defences. Less than zero: South Africa's scorecard South African Airways (SAA), the South African National Defence Force (SANDF), Experian, and Home Affairs — and as of last week, Mediclinic — the list goes on. South Africa has emerged as one of the primary countries targeted by hackers for data leaks and ransomware. The Surfshark 2025 breach ranking places South Africa second in Africa and 37th globally, but more concerning is our upwards trajectory. Surfshark data shows a 164% increase in breach volume from the third quarter to the fourth quarter of last year, based on tracked accounts exposed in known breached databases. Meanwhile, Cisco's 2025 Cybersecurity Readiness Index found that while 85% of South African firms claim confidence, most fall into 'formative' or 'beginner' categories, indicating an alarming gap between perception and preparedness. Of far more import is the risk to the state and public sector. The SANDF breach of August 2023 revealed critical gaps in public sector cybersecurity. Operational schedules, internal communications, and staff details were dumped on public forums. Should a similar breach hit Eskom or Rand Water, the fallout could escalate from data loss to national service failure, severely undermining South Africa's essential infrastructure. Smashthestate: infrastructure in the crosshairs The SANDF breach wasn't a one-off. Staff rosters, operational files, and internal communications were leaked with minimal resistance, revealing deep structural vulnerabilities — at the time that Daily Maverick viewed the page, the data had been downloaded 154 times. South African Airways (SAA) similarly saw both employee and passenger data compromised. Even the Department of Home Affairs — custodian of the national population register and biometric databases — has suffered multiple exposures. In one case, a misconfigured public server linked to a third-party contractor's testing environment left biometric fingerprint templates, ID numbers, and passport scans openly accessible online for more than two months before being taken down. 'The system wasn't even behind a login — it was indexed by search engines,' confirmed Hendrik de Bruin, the head of SADC Security Consulting at Check Point in an interview with Daily Maverick. 'Anyone with a browser could access high-value identity data in raw form.' This not only violates basic data protection principles, but poses significant surveillance and identity theft risks, particularly given South Africa's widespread use of biometrics for banking and social grants. 'There is no proper segmentation between operational tech and IT in many departments. That's how you go from data loss to infrastructure failure,' continued de Bruin. 'Public entities often rely on legacy systems patched together over decades, making them a soft target.' Telecom metadata leaks suggest even critical communications infrastructure is poorly protected — laying the groundwork for both surveillance and sabotage. The long-term concern, experts note, is not just data privacy, but systemic risk to national functioning. An absent red team: the hollowing out of SA's skills One of the most consistent failures is pre-emptive testing, with few state procurement contracts mandating red teaming or penetration testing. Instead, a culture of checkbox compliance dominates government IT planning, where simply having antivirus software counts as security preparedness. 'Breaches go undetected because no one's even looking for them,' said De Bruin. 'We have government departments that can't afford even basic endpoint protection. Of course attackers will sit in those systems for weeks.' Cisco's 2025 Index reinforces this point. 'Many organisations don't even know what their perimeter looks like any more,' said Nabeel Rajab, a cybersecurity specialist at Cisco, presenting the index on Wednesday, 28 May 2025. 'Cybersecurity is no longer just about a firewall — the attack surface has become broader and more dynamic.' The report found that 43% of South African organisations had experienced an AI-driven cyber incident in the past year, yet the majority remain reactive rather than proactive. 'More than half of organisations surveyed still operate in a mode of responding to attacks, rather than preventing them,' Rajab said. Further, South African security leadership often lacked proper executive buy-in. 'There's a disconnect between chief information security officers and C-suite executives. Security leaders are not always at the decision-making table,' said Rajab. 'Most firms don't run regular perimeter reviews. They outsource security and forget about it,' De Bruin added. 'And with AI-driven phishing kits now available for $10 (R179) on Telegram, attackers don't need to be sophisticated.' Moreover, there are opportunities for attackers to use third parties to gain access to sensitive data, as was the case with the recent Mediclinic leak. The breach occurred earlier this year, and according to a statement by the medical group occurred through a third-party IT provider, probably providing payroll services, given that the stolen data primarily consisted of payroll information. A Mediclinic media statement said: 'We are confident that no patient data has been affected,' and confirmed that their systems had since been further secured. Nation states and proxies — the advanced persistent threat in the room Advanced persistent threats (APTs) refer to highly sophisticated and sustained cyberattack campaigns, often orchestrated by nation-states or state-sponsored groups. Unlike ordinary cybercriminals who typically seek quick financial gain, APTs focus on long-term infiltration, data theft, surveillance, and even sabotage. These actors use tailored malware, social engineering, and zero-day vulnerabilities to silently breach networks, maintain access over extended periods, and exfiltrate sensitive data — often without detection. APTs are typically aligned with strategic geopolitical objectives, such as espionage, infrastructure disruption, or influence operations. Their presence in South Africa suggests the country is being used as both a testbed and a foothold for broader regional campaigns. Check Point's 2025 threat map shows increased targeting of South African systems by advanced persistent threats (APTs) such as APT28 (Russia), Void Manticore (Iran), and Volt Typhoon (China). 'APT actors used to test in Eastern Europe. Now they test here,' said De Bruin. South Africa's non-aligned foreign policy stance, paired with poor cyber defences, makes it an ideal 'silent battleground.' He added: 'APT actors value South Africa because they can trial infrastructure payloads in the wild without triggering Nato's red lines.' Cisco analysts also flagged this shift, noting that while countries like the US, Japan, and Germany have built mature cyber defences, countries like South Africa are increasingly being exploited as soft entry points for threat actors looking to test malware, exploit vulnerabilities, and gather reconnaissance. 'We're building a smart state on insecure foundations. Without urgent reform, a breach will one day lead to a blackout — or worse,' Rajab warned. What this means for you This isn't just about your ID number being on Telegram. The bigger risk is systemic failure. The disruption of power grids, water systems, or air traffic control through ransomware or unauthorised access is no longer theoretical. It has happened elsewhere — in Ukraine, Iran, and the US. South Africa may be next. Two laws govern cybercrime in South Africa: the Protection of Personal Information Act (Popia, 2013) and the Cybercrimes Act (2020). While Popia mandates breach notification, it lacks enforcement teeth. The Cybercrimes Act criminalises data interference — but with no national breach registry, no proactive SOC (Security Operations Centre) infrastructure, and limited prosecutorial momentum, its impact remains muted. The Information Regulator, tasked with enforcing Popia, has issued only a handful of sanctions. There is no obligation for public disclosure of breaches beyond notifying affected individuals, meaning systemic risks are often hidden until too late. 'The biggest threat in South Africa is normalisation,' said De Bruin. 'Once leaks become routine, so does failure.' The price of doing nothing: national security The cost of inaction is no longer reputational — it's operational and, in time, existential. Until cybersecurity is treated not as compliance window-dressing but as a survival imperative, the gap between attack and defence will only widen — with catastrophic potential. South Africa's cybersecurity response needs urgent reform: stronger legislation, competent enforcement, national breach transparency, and dedicated funding. As Rajab concluded in his briefing: 'Resilience isn't built on confidence — it's built on readiness. And right now, South Africa is confident, but not ready.' DM
