With 577 cyberattacks per hour, the cost of cybercrime to the South African economy is estimated at a staggering R2.2 billion annually, and requires cybersecurity to become a strategic imperative firmly identified within boardrooms.
Image: Ron AI
The recent data breach at Liberty, where the company detected unauthorised third-party access to select data systems, has drawn attention to the growing cyber vulnerabilities facing established organisations in South Africa. As investigations into the breach continue, the incident serves as a stark reminder that cyber risk is now a systemic business threat, with significant financial, regulatory, and reputational implications.
This announcement comes amidst escalating cyber threat activity nationwide. According to the Yolo Cybersecurity Report, South Africa is now among the world’s most-targeted nations, enduring an alarming 577 cyberattacks per hour. The cost of cybercrime to the South African economy is estimated at R2.2 billion annually (TechCabal, 2025), illustrating its broad economic impact.
Many factors contribute to South Africa's heightened cyber exposure, including high digital adoption and valuable data sets. However, uneven security maturity across various organisations exacerbates this situation. The shortage of skilled professionals and reliance on legacy systems further heighten risks, creating an environment that attackers can exploit with increasing ease. In light of this, cybersecurity experts argue that the Liberty breach highlights deeper structural weaknesses in organisational approaches to cyber risk management.
“The Liberty breach highlights how cyber risk in South Africa is both widespread and highly sophisticated, impacting organisations of all sizes indiscriminately,” says Muhammad Ali, Managing Director of World Wide Industrial & Engineering Systems (WWISE). “It exposes weaknesses in detection, response, and continuous risk management. Compliance alone is no longer sufficient. Organisations must adopt resilience-based security approaches aligned with information security best practice standards, including continuous testing and validation of controls.”
The Liberty incident signals a significant shift in how organisations regard cybersecurity. No longer an issue relegated to the technical domain, cyber risk has penetrated executive governance structures. A recent PwC report from 2025 indicated that 68% of South African organisations now view cybersecurity not merely as a risk mitigation strategy but as a potential competitive advantage.
Ali notes that this evolution is both necessary and overdue. “Cyber risk moves into the boardroom when it begins to pose a material threat to financial performance, operational stability, or reputation. For most organisations, that threshold has already been reached,” he explains. “Best-practice governance frameworks clearly dictate that accountability for cyber risk resides with top management, extending beyond just IT departments.”
Despite this shift in perspective, many organisations continue to approach cybersecurity as a compliance box to tick, particularly concerning the Protection of Personal Information Act (POPIA) and the Cybercrimes Act. Ali acknowledges that although regulatory scrutiny is intensifying, many organisations remain inadequately prepared. “Gaps persist in data governance, incident response, and third-party risk management. POPIA is often treated as a one-off exercise rather than a continuous discipline.”
The repercussions of underestimating cyber risk can be severe. Businesses not only face potential regulatory penalties, but also operational disruptions, legal liabilities, and lasting reputational damage. “Many underestimate the real cost of a breach,” says Ali. “This includes legal liability, downtime, loss of customer trust, and erosion of investor confidence — impacts that can take years to mend.”
As cyber threats continue to evolve, so too do the tactics employed by attackers. Increasingly, they leverage automation, artificial intelligence, and social engineering to bypass traditional defences, targeting human behaviours as much as technological systems. “Cyber threats are increasingly identity-based and AI-driven,” Ali elaborates, emphasising the crucial need for strong identity controls and more adaptive security strategies.
Muhammad Ali, Managing Director of World Wide Industrial & Engineering Systems (WWISE)
Image: Supplied
This evolution is generating a heightened demand for continuous monitoring and real-time response capabilities. Traditional audits are no longer adequate in an environment where threats evolve in real time. “Continuous monitoring is essential,” Ali says. “Detection and response must be immediate; anything less leaves organisations vulnerable.”
The ongoing shift in perspective is not just technological; it is fundamentally about governance. Organisations must adopt stronger board oversight, clear accountability, and a focus on frameworks such as COBIT, the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and ISO/IEC 27001:2022, all of which weave cybersecurity into broader enterprise risk management strategies. “A proactive cybersecurity approach integrates cyber risk into enterprise risk management,” Ali asserts, “prioritising resilience through detection, response, and continuity alongside prevention.”