Last week it was revealed that six million accounts had been hacked from South Africa’s largest cinema chain back in 2016. Details showed that although this only consisted of 1.6-million unique email accounts they also “included extensive personal information such as names, addresses, birthdates, genders and plain text passwords”. It is thought to be the largest breach in the country’s history.
This could be significant because many pundits believe Africa, as a continent, is already some way behind the rest of the world in terms of identifying, recognising and preparing for data breaches and have seen this as a particular cause for concern. While according to recent IBM research South African breaches typically cost businesses more than the global average.
“This is not South Africa’s first data breach, and they often go unreported or even worse, undetected,” stresses Neil Cosser, regional manager for Southern Africa, identity and data protection at Gemalto.
“Until there is regulation forcing disclosure of breaches, and consequences for the resulting breaches, South African companies will continue to believe that it will either not happen to them or that the consequences of the breach are less onerous than dealing with the breach in the first place.”
This type of regulation is gradually emerging elsewhere. The imminent arrival of GDPR is already causing mass panic and shock waves in any organisation which holds European citizens’ data. Yet like everywhere else in the world, it is breaches like this one that will ultimately raise awareness and push through new regulations.
“There is definitely less awareness of cybersecurity in South Africa and pan-Africa, and this can be ascribed to the slower adoption of technology and lower visibility of the data breaches that occur. As the adoption of technology grows and regulations come in line with international standards, cybersecurity awareness will inevitably follow suit,” says Cosser.
Deloitte recently pinpointed Kenya as one of the most vulnerable countries in the world for data breaches but as Cosser points out: “Kenya is seen as vulnerable due to the large number of financial transactions done electronically within their borders, and the minimal security in place to protect those transactions. As internet adoption continues to grow exponentially across the continent, all African countries, especially the technologically advanced countries like South Africa, Nigeria, and Mauritius, will be increasingly targeted.
“Even when businesses take their data protection seriously, cybersecurity skills are in short supply in South Africa and acquiring the necessary talent to resolve any security issues can be incredibly difficult,” he adds.
Darron Gibbard, chief technical security officer at Qualys seconds this point. “I think the challenge [in Africa] is the availability of skills and people to support business operations. Companies in the rest of the world have multiple security tools and services available to them to protect against breaches; in Africa there are large enterprises that take the same approach. However, there are many companies that can’t cover as many tools and as many routes into the business.”
Cosser concludes: “Organisations in South Africa often view cybersecurity as complex, and as having a negative impact on their day-to-day business processes and resources. In order to overcome this stigma, solutions need to be implemented in a way that enables further business growth. For this to happen, robust security technologies need to be simple and easy to operate, whilst security practitioners need to be well versed in business. In many cases, neither of these scenarios is true.”
Adrian Schofield sheds light on tech in South Africa
Mark Chillingworth on IT leadership
IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.
Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.