Some of the most damaging data breaches in the last three years have cost South African organisations between $10,000 (R18,071,888) and $20,000,000 (R361,287,992). Despite this, only 29% of South African organisations expect to increase their cyber budget by six to ten percent for 2025, according to the latest findings from PwC’s Global Digital Trust Insights Survey 2025: South Africa report.
The survey provides critical insights into the cybersecurity landscape in South Africa and Africa, and highlights the urgent need for robust cyber risk mitigation strategies.
“As cyber threats evolve, we are seeing South African organisations increasingly prioritise cybersecurity defences in order to safeguard their digital infrastructure and maintain trust in an interconnected world. This couldn’t be more pertinent considering the rate at which cyber breaches are occurring on the African continent, and the subsequent financial impacts which have a severe knock on effect on business continuity operations and companies' wider stakeholders.”
The survey, which is the longest-running and largest of its kind, reflects the sentiments of 4,042 senior business executives worldwide, including 94 organisations from South Africa. The survey was conducted from May to July 2024 and its findings underscore the pressing need for enhanced cybersecurity measures as organisations navigate an increasingly complex security threat landscape.
Cyber issues top of mind for South African business leaders
One of the primary concerns for business leaders today is the mitigation of cyber risks.
“Business leaders’ heightened focus on cybersecurity risks, reflects a growing recognition of the importance of protecting against cyberattacks and ensuring the resilience of their operations.”
Business leaders said another significant concern is the threat posed by hack-and-leak operations.
“These incidents, where sensitive information is stolen and publicly disclosed, pose a severe risk to the reputation and operational integrity of organisations. The survey indicates that African organisations are particularly vigilant about these threats, emphasising the need for robust data protection measures and incident response strategies.”
Data breaches also remain a critical issue with many organisations reporting significant impacts from such incidents.
“The financial and reputational damage caused by data breaches underscores the necessity for comprehensive security protocols and continuous monitoring to detect and respond to breaches promptly. While some organisations have managed to avoid being breached, our survey findings indicate that this remains an ever-present threat, necessitating ongoing vigilance and investment in cybersecurity.”
Key findings reflected in the report include:
66% of South African organisations prioritise mitigating cyber risks, surpassing the global average of 57%. This proactive stance reflects heightened vigilance and a commitment to addressing the growing threat landscape.
45% of South African organisations measure the potential financial impact of cyber risks to a large extent. This practice helps organisations to prioritise cyber investments, allocate resources effectively, and communicate the value of their cybersecurity programs.
47% of South African organisations express significant concern about cloud-related threats over the next 12 months. This highlights the need for robust cloud security measures to protect sensitive data and ensure business continuity. As more businesses migrate to the cloud, the focus on securing these environments becomes paramount.
29% of South African organisations expect a six to ten percent increase in their cyber budget for 2025. Bhoora says this planned increase reflects the commitment from companies who are aiming to strengthen their cybersecurity defences and address the ever-evolving security threat landscape.
47% of South African organisations face significant challenges with internal stakeholder trust in genAI. This indicates a need for better communication, education, and trust-building measures to effectively integrate genAI technologies into their businesses.
34% of South African organisations are extremely confident in their compliance with data protection regulations. This high level of confidence reflects strong regulatory adherence, coupled with robust data protection practices.
68% of South African organisations view cybersecurity as a significant competitive advantage for business growth opportunities and staying ahead of business disruption. This perspective highlights the strategic importance of cybersecurity in achieving business objectives.
“It is evident that South African organisations are increasingly becoming aware of the critical importance of cybersecurity and taking a proactive approach to mitigating these risks. Some of these key actions include quantifying cyber risks, enhancing cloud security, and investing in robust cybersecurity defence measures. By taking this approach, organisations will be well-positioned to navigate the evolving threat landscape, maintain digital trust and promote business resilience.”