Latest news with #2025CybersecurityReadinessIndex
Daily Maverick
5 days ago
- Business
- Daily Maverick
Data breaches and cyber vulnerabilities – SA's troubling lack of readiness revealed
South Africa is becoming globally notorious in a field that should really be avoided: cybersecurity failure. A recent report from Virtual Private Network provider Surfshark shows that South Africa ranks second on the continent for data breaches. Simultaneously, Cisco's 2025 Cybersecurity Readiness Index reveals a dangerous disconnect — while 85% of local companies believe they're prepared, just 7% meet the 'mature' threshold for actual cyber resilience. Daily Maverick's examination of leaked data on the dark web confirms a troubling truth: South African data is leaking at an industrial scale, driven by poor cyber hygiene and a digital environment outpacing its own defences. Less than zero: South Africa's scorecard South African Airways (SAA), the South African National Defence Force (SANDF), Experian, and Home Affairs — and as of last week, Mediclinic — the list goes on. South Africa has emerged as one of the primary countries targeted by hackers for data leaks and ransomware. The Surfshark 2025 breach ranking places South Africa second in Africa and 37th globally, but more concerning is our upwards trajectory. Surfshark data shows a 164% increase in breach volume from the third quarter to the fourth quarter of last year, based on tracked accounts exposed in known breached databases. Meanwhile, Cisco's 2025 Cybersecurity Readiness Index found that while 85% of South African firms claim confidence, most fall into 'formative' or 'beginner' categories, indicating an alarming gap between perception and preparedness. Of far more import is the risk to the state and public sector. The SANDF breach of August 2023 revealed critical gaps in public sector cybersecurity. Operational schedules, internal communications, and staff details were dumped on public forums. Should a similar breach hit Eskom or Rand Water, the fallout could escalate from data loss to national service failure, severely undermining South Africa's essential infrastructure. Smashthestate: infrastructure in the crosshairs The SANDF breach wasn't a one-off. Staff rosters, operational files, and internal communications were leaked with minimal resistance, revealing deep structural vulnerabilities — at the time that Daily Maverick viewed the page, the data had been downloaded 154 times. South African Airways (SAA) similarly saw both employee and passenger data compromised. Even the Department of Home Affairs — custodian of the national population register and biometric databases — has suffered multiple exposures. In one case, a misconfigured public server linked to a third-party contractor's testing environment left biometric fingerprint templates, ID numbers, and passport scans openly accessible online for more than two months before being taken down. 'The system wasn't even behind a login — it was indexed by search engines,' confirmed Hendrik de Bruin, the head of SADC Security Consulting at Check Point in an interview with Daily Maverick. 'Anyone with a browser could access high-value identity data in raw form.' This not only violates basic data protection principles, but poses significant surveillance and identity theft risks, particularly given South Africa's widespread use of biometrics for banking and social grants. 'There is no proper segmentation between operational tech and IT in many departments. That's how you go from data loss to infrastructure failure,' continued de Bruin. 'Public entities often rely on legacy systems patched together over decades, making them a soft target.' Telecom metadata leaks suggest even critical communications infrastructure is poorly protected — laying the groundwork for both surveillance and sabotage. The long-term concern, experts note, is not just data privacy, but systemic risk to national functioning. An absent red team: the hollowing out of SA's skills One of the most consistent failures is pre-emptive testing, with few state procurement contracts mandating red teaming or penetration testing. Instead, a culture of checkbox compliance dominates government IT planning, where simply having antivirus software counts as security preparedness. 'Breaches go undetected because no one's even looking for them,' said De Bruin. 'We have government departments that can't afford even basic endpoint protection. Of course attackers will sit in those systems for weeks.' Cisco's 2025 Index reinforces this point. 'Many organisations don't even know what their perimeter looks like any more,' said Nabeel Rajab, a cybersecurity specialist at Cisco, presenting the index on Wednesday, 28 May 2025. 'Cybersecurity is no longer just about a firewall — the attack surface has become broader and more dynamic.' The report found that 43% of South African organisations had experienced an AI-driven cyber incident in the past year, yet the majority remain reactive rather than proactive. 'More than half of organisations surveyed still operate in a mode of responding to attacks, rather than preventing them,' Rajab said. Further, South African security leadership often lacked proper executive buy-in. 'There's a disconnect between chief information security officers and C-suite executives. Security leaders are not always at the decision-making table,' said Rajab. 'Most firms don't run regular perimeter reviews. They outsource security and forget about it,' De Bruin added. 'And with AI-driven phishing kits now available for $10 (R179) on Telegram, attackers don't need to be sophisticated.' Moreover, there are opportunities for attackers to use third parties to gain access to sensitive data, as was the case with the recent Mediclinic leak. The breach occurred earlier this year, and according to a statement by the medical group occurred through a third-party IT provider, probably providing payroll services, given that the stolen data primarily consisted of payroll information. A Mediclinic media statement said: 'We are confident that no patient data has been affected,' and confirmed that their systems had since been further secured. Nation states and proxies — the advanced persistent threat in the room Advanced persistent threats (APTs) refer to highly sophisticated and sustained cyberattack campaigns, often orchestrated by nation-states or state-sponsored groups. Unlike ordinary cybercriminals who typically seek quick financial gain, APTs focus on long-term infiltration, data theft, surveillance, and even sabotage. These actors use tailored malware, social engineering, and zero-day vulnerabilities to silently breach networks, maintain access over extended periods, and exfiltrate sensitive data — often without detection. APTs are typically aligned with strategic geopolitical objectives, such as espionage, infrastructure disruption, or influence operations. Their presence in South Africa suggests the country is being used as both a testbed and a foothold for broader regional campaigns. Check Point's 2025 threat map shows increased targeting of South African systems by advanced persistent threats (APTs) such as APT28 (Russia), Void Manticore (Iran), and Volt Typhoon (China). 'APT actors used to test in Eastern Europe. Now they test here,' said De Bruin. South Africa's non-aligned foreign policy stance, paired with poor cyber defences, makes it an ideal 'silent battleground.' He added: 'APT actors value South Africa because they can trial infrastructure payloads in the wild without triggering Nato's red lines.' Cisco analysts also flagged this shift, noting that while countries like the US, Japan, and Germany have built mature cyber defences, countries like South Africa are increasingly being exploited as soft entry points for threat actors looking to test malware, exploit vulnerabilities, and gather reconnaissance. 'We're building a smart state on insecure foundations. Without urgent reform, a breach will one day lead to a blackout — or worse,' Rajab warned. What this means for you This isn't just about your ID number being on Telegram. The bigger risk is systemic failure. The disruption of power grids, water systems, or air traffic control through ransomware or unauthorised access is no longer theoretical. It has happened elsewhere — in Ukraine, Iran, and the US. South Africa may be next. Two laws govern cybercrime in South Africa: the Protection of Personal Information Act (Popia, 2013) and the Cybercrimes Act (2020). While Popia mandates breach notification, it lacks enforcement teeth. The Cybercrimes Act criminalises data interference — but with no national breach registry, no proactive SOC (Security Operations Centre) infrastructure, and limited prosecutorial momentum, its impact remains muted. The Information Regulator, tasked with enforcing Popia, has issued only a handful of sanctions. There is no obligation for public disclosure of breaches beyond notifying affected individuals, meaning systemic risks are often hidden until too late. 'The biggest threat in South Africa is normalisation,' said De Bruin. 'Once leaks become routine, so does failure.' The price of doing nothing: national security The cost of inaction is no longer reputational — it's operational and, in time, existential. Until cybersecurity is treated not as compliance window-dressing but as a survival imperative, the gap between attack and defence will only widen — with catastrophic potential. South Africa's cybersecurity response needs urgent reform: stronger legislation, competent enforcement, national breach transparency, and dedicated funding. As Rajab concluded in his briefing: 'Resilience isn't built on confidence — it's built on readiness. And right now, South Africa is confident, but not ready.' DM
Channel Post MEA
6 days ago
- Business
- Channel Post MEA
Cisco Reveals UAE Insights From Its 2025 Cybersecurity Readiness Index
According to Cisco's 2025 Cybersecurity Readiness Index, a total of 30% of organizations in UAE have achieved the 'Mature' or 'Progressive' levels of readiness required to effectively withstand today's cybersecurity threats. This represents an improvement from last year's Index, however further efforts are required to address cybersecurity preparedness as hyperconnectivity and AI introduce new complexities for security practitioners. AI is revolutionizing security and escalating threat levels, with 93% of organizations in the country having faced AI-related incidents last year. However, only 62% of respondents are confident their employees fully understand AI-related cybersecurity threats, and only 57% believe their teams fully grasp how malicious actors are using AI to execute sophisticated attacks. This awareness gap leaves organizations critically exposed. AI is compounding an already challenging threat landscape. In the last year, over half of organizations (55%) suffered cyberattacks, hindered by complex security frameworks with siloed point solutions. The top three types of cybersecurity incidents include malware (76%), phishing attacks (59%), and data breaches by malicious actors (47%). Ransomware attacks were mentioned by 39% of respondents. Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, said: 'As AI reshapes our world, it brings an entirely new class of risks at an unprecedented scale, putting even more pressure on infrastructure and those who defend it.' He added: 'Our region's leadership in AI adoption is remarkable, paving the way for a dynamic future where innovative, AI-driven cybersecurity measures are critical for enhancing and protecting our digital landscape. Cisco is committed to support organizations in the region in enhancing their digital resilience by prioritizing AI solutions, streamlining security architecture, and addressing talent shortages. Today, preparedness is key to ensuring that businesses remain relevant and can thrive in the AI era.' The Index evaluates companies' readiness across five pillars – Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification – and encompasses 31 solutions and capabilities. Based on a double-blind survey of 8,000 private sector security and business leaders in 30 global markets, including 202 in the UAE, respondents detailed their deployment stages for each solution. Companies were then categorized into four readiness stages: Beginner, Formative, Progressive, and Mature. Findings Cybersecurity preparedness in the UAE remains alarmingly low, especially as 75% of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months. Further: AI's Expanding Role in Cybersecurity: An impressive 96% of organizations use AI to understand threats better, 93% for threat detection, and 77% for recovery, underscoring AI's vital role in strengthening cybersecurity strategies. An impressive 96% of organizations use AI to understand threats better, 93% for threat detection, and 77% for recovery, underscoring AI's vital role in strengthening cybersecurity strategies. Generative AI (GenAI) Deployment Risks: GenAI tools are widely adopted, with 45% of employees using approved third-party tools. However, 20% have unrestricted access to public GenAI, and 54% of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges. GenAI tools are widely adopted, with 45% of employees using approved third-party tools. However, 20% have unrestricted access to public GenAI, and 54% of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges. Shadow AI Concerns: 33% of organizations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks. 33% of organizations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks. Unmanaged Device Vulnerability: Within hybrid work models, 88% of organizations face increased security risks as employees access networks from unmanaged devices. This is exacerbated by using unapproved Gen AI tools. Within hybrid work models, 88% of organizations face increased security risks as employees access networks from unmanaged devices. This is exacerbated by using unapproved Gen AI tools. Investment Priorities Shift: While almost all (98%) organizations plan to upgrade their IT infrastructure in the next 12-24 months, only 9% allocate more than 20% of their IT budget to cybersecurity. This finding suggests an opportunity for enhanced investment in comprehensive defense strategies, as the pace of threats continues to rise. While almost all (98%) organizations plan to upgrade their IT infrastructure in the next 12-24 months, only 9% allocate more than 20% of their IT budget to cybersecurity. This finding suggests an opportunity for enhanced investment in comprehensive defense strategies, as the pace of threats continues to rise. Complex Security Postures: Over four in five (81%) organizations report that their complex security infrastructures, dominated by the deployment of more than 10 point security solutions, are hampering their ability to respond to threats swiftly and effectively. Over four in five (81%) organizations report that their complex security infrastructures, dominated by the deployment of more than 10 point security solutions, are hampering their ability to respond to threats swiftly and effectively. Talent Shortage Impedes Progress: A staggering 87% of respondents identify the shortage of skilled cybersecurity professionals as a major challenge, with 57% reporting more than 10 positions to fill. To tackle today's cybersecurity challenges, organizations in the UAE must invest in AI-driven solutions, simplify security infrastructures, and enhance AI threat awareness. Prioritizing AI for threat detection, response, and recovery is essential, as is addressing talent shortages and mitigating risks from unmanaged devices and shadow AI. 0 0
Web Release
6 days ago
- Business
- Web Release
Cisco Unveils UAE Findings from its Cybersecurity Readiness Index for 2025
According to Cisco's 2025 Cybersecurity Readiness Index, a total of 30% of organizations in UAE have achieved the 'Mature' or 'Progressive' levels of readiness required to effectively withstand today's cybersecurity threats. This represents an improvement from last year's Index, however further efforts are required to address cybersecurity preparedness as hyperconnectivity and AI introduce new complexities for security practitioners. AI is revolutionizing security and escalating threat levels, with 93% of organizations in the country having faced AI-related incidents last year. However, only 62% of respondents are confident their employees fully understand AI-related cybersecurity threats, and only 57% believe their teams fully grasp how malicious actors are using AI to execute sophisticated attacks. This awareness gap leaves organizations critically exposed. AI is compounding an already challenging threat landscape. In the last year, over half of organizations (55%) suffered cyberattacks, hindered by complex security frameworks with siloed point solutions. The top three types of cybersecurity incidents include malware (76%), phishing attacks (59%), and data breaches by malicious actors (47%). Ransomware attacks were mentioned by 39% of respondents. Fady?Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, said: 'As AI reshapes our world, it brings an entirely new class of risks at an unprecedented scale, putting even more pressure on infrastructure and those who defend it.' He added: 'Our region's leadership in AI adoption is remarkable, paving the way for a dynamic future where innovative, AI-driven cybersecurity measures are critical for enhancing and protecting our digital landscape. Cisco is committed to support organizations in the region in enhancing their digital resilience by prioritizing AI solutions, streamlining security architecture, and addressing talent shortages. Today, preparedness is key to ensuring that businesses remain relevant and can thrive in the AI era.' The Index evaluates companies' readiness across five pillars – Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification – and encompasses 31 solutions and capabilities. Based on a double-blind survey of 8,000 private sector security and business leaders in 30 global markets, including 202 in the UAE, respondents detailed their deployment stages for each solution. Companies were then categorized into four readiness stages: Beginner, Formative, Progressive, and Mature. Findings Cybersecurity preparedness in the UAE remains alarmingly low, especially as 75% of respondents anticipate business disruptions from cyber incidents within the next 12 to 24 months. Further: AI's Expanding Role in Cybersecurity: An impressive 96% of organizations use AI to understand threats better, 93% for threat detection, and 77% for recovery, underscoring AI's vital role in strengthening cybersecurity strategies. An impressive 96% of organizations use AI to understand threats better, 93% for threat detection, and 77% for recovery, underscoring AI's vital role in strengthening cybersecurity strategies. Generative AI (GenAI) Deployment Risks: GenAI tools are widely adopted, with 45% of employees using approved third-party tools. However, 20% have unrestricted access to public GenAI, and 54% of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges. GenAI tools are widely adopted, with 45% of employees using approved third-party tools. However, 20% have unrestricted access to public GenAI, and 54% of IT teams are unaware of employee interactions with GenAI, underscoring major oversight challenges. Shadow AI Concerns: 33% of organizations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks. 33% of organizations lack confidence in detecting unregulated AI deployments, or shadow AI, posing significant cybersecurity and data privacy risks. Unmanaged Device Vulnerability: Within hybrid work models, 88% of organizations face increased security risks as employees access networks from unmanaged devices. This is exacerbated by using unapproved Gen AI tools. Within hybrid work models, 88% of organizations face increased security risks as employees access networks from unmanaged devices. This is exacerbated by using unapproved Gen AI tools. Investment Priorities Shift: While almost all (98%) organizations plan to upgrade their IT infrastructure in the next 12-24 months, only 9% allocate more than 20% of their IT budget to cybersecurity. This finding suggests an opportunity for enhanced investment in comprehensive defense strategies, as the pace of threats continues to rise. While almost all (98%) organizations plan to upgrade their IT infrastructure in the next 12-24 months, only 9% allocate more than 20% of their IT budget to cybersecurity. This finding suggests an opportunity for enhanced investment in comprehensive defense strategies, as the pace of threats continues to rise. Complex Security Postures: Over four in five (81%) organizations report that their complex security infrastructures, dominated by the deployment of more than 10 point security solutions, are hampering their ability to respond to threats swiftly and effectively. Over four in five (81%) organizations report that their complex security infrastructures, dominated by the deployment of more than 10 point security solutions, are hampering their ability to respond to threats swiftly and effectively. Talent Shortage Impedes Progress: A staggering 87% of respondents identify the shortage of skilled cybersecurity professionals as a major challenge, with 57% reporting more than 10 positions to fill. To tackle today's cybersecurity challenges, organizations in the UAE must invest in AI-driven solutions, simplify security infrastructures, and enhance AI threat awareness. Prioritizing AI for threat detection, response, and recovery is essential, as is addressing talent shortages and mitigating risks from unmanaged devices and shadow AI.
Time of India
20-05-2025
- Business
- Time of India
Only 7% of organisations in India ready for cyber threats: Cisco report
Amid a growing wave of AI-driven cybersecurity threats, only 7% of organisations in India are adequately prepared to defend against them, according to Cisco's 2025 Cybersecurity Readiness Index. This is a modest increase over the 4% reported last year. Overall readiness remains alarmingly low, particularly as hyperconnectivity and the rise of AI continue to introduce complex new security challenges. The report is based on a double-blind survey of 8,000 private sector security and business leaders in 30 markets. This is a research method where both the participants and the researchers interacting with them are unaware of certain key aspects of the study, to avoid bias. The report states that 9 in 10 organisations faced AI-related security incidents last year. However, only 66% of respondents are confident that their employees understand these threats. About 63% believe their teams fully understand how malicious actors use AI to execute sophisticated attacks. Live Events 'As cyberattacks grow in scale and sophistication, the risks now extend far beyond data loss. Organisations face operational disruption, damage to brand reputation, and erosion of customer trust,' Samir Kumar Mishra of Cisco India & SAARC said in a statement. Discover the stories of your interest Blockchain 5 Stories Cyber-safety 7 Stories Fintech 9 Stories E-comm 9 Stories ML 8 Stories Edtech 6 Stories Also Read: Cybersecurity agency CERT-In flags spike in online threats Understanding the foe The lack of cybersecurity readiness in India is high as 81% of respondents anticipate business disruptions from cyber incidents within the coming two years. About 96% of organisations are using AI to understand the threats, 88% use it for threat detection and 77% for response and recovery. This shows that the technology contributes equally on both sides of the fence. Another important finding was that 46% of employees use approved third-party generative AI tools . However, 28% have unrestricted access to public Gen AI tools and 43% of IT teams are unaware of employee interactions with Gen AI. With hybrid work models, 90% of organisations are exposed to security risks as employees access networks from unmanaged devices. Investment priorities shift About 98% of organisations plan to upgrade their IT infrastructure . However, only 54% allocate more than 10% of their IT budget to cybersecurity (a 7% reduction year-over-year). A staggering 92% of respondents identified a shortage of skilled cybersecurity professionals as a major challenge, with 65% reporting more than ten positions to fill. Looking ahead, respondents identified malicious actors and state-affiliated groups as more significant threats to their organisations than internal risks.
