Only 19% of South African firms are adequately prepared to defend against cybersecurity threats. “It’s hardly surprising that SMEs are particularly susceptible to attacks, partly because they are more likely to use consumer-grade rather than business or enterprise-grade security software, but also due to their complacency about the risk,” states Reabetswe Motsamai, marketing and communications manager at MakwaIT Technologies.
Maritza van Wyk, Cisco sub-Saharan Africa SME sales lead, points out that even the smallest enterprises possess sensitive information such as email addresses, credit card details, and health records. “In the wrong hands, this data can cause chaos, jeopardising individuals’ financial security and peace of mind.”
While the latest Cisco Cybersecurity Readiness Index indicates that 78% of South African organisations plan to boost their cybersecurity budget by at least 10% in the coming 12 months, Motsamai contends that this may not be enough, especially considering the cost of cybercrime.
“The potential costs include data damage and destruction, stolen money, lost productivity, intellectual property theft, personal and financial data theft, fraud, forensic investigation, restoration and deletion of hacked data and systems, and reputational damage," she says.
"Unprepared companies could face losses between $1m and $9m, equivalent to over R19m and R171m. It’s therefore not surprising that 60% of small businesses that suffer a significant cyberattack or breach cease trading within six months of the incident.”
“Regrettably, cyberattacks are only set to escalate in the future, and cybercriminals will persist in targeting those who have not taken adequate precautions. SMEs need to invest proactively in the right tools now to fend off these attacks, rather than reactively once an incident has occurred, by which time it may be too late,” warns Motsamai.
“With 45% of South African IT departments saying that they don’t have the skills and capacity to tackle cyberthreats, it is critical that SMEs invest in end-to-end security solutions that involve a combination of the right systems and professional services. This effectively creates an IT department which these businesses tend to lack, helping them to bump up their threat mitigation capabilities."
She points out that over and above mitigating cyberthreats, this allows for more efficient business operations and, in turn, better business outcomes. The most recent State of Cybersecurity Resilience report reveals that those organisations which closely align their cybersecurity programmes to business objectives are 18% more likely to increase their ability to drive revenue growth, increase market share and improve customer satisfaction, trust and employee productivity.
The report also highlights that organisations which embed key cybersecurity actions into their digital transformation efforts and apply strong cybersecurity operational practices across the organisation are nearly 6x more likely to experience more effective digital transformations than those which don’t do both.
“Companies must look to cybersecurity as a strategic ally, not just a shield, particularly as the digital world continues to evolve, and with it, cybercrimes,” emphasises Motsamai.
“Additionally, cybersecurity must be prioritised to safeguard not just businesses, but the livelihoods and trust of those they serve,” further stresses van Wyk.
Motsamai concludes by saying that “SMEs play a critical role in driving economic growth – contributing meaningfully to job creation, innovation and overall prosperity. If they are to lead South Africa on the path to economic recovery, they should be adequately protected to ensure their survival and success.”
