Cybersecurity in South Africa, Why Resilience and Insurance Matter
Here’s your article, titled “Cybersecurity in South Africa: Threats, Governance, and the Case for Cyber Insurance”. It synthesises BaCor’s ethos of integrity and innovation with analysis from current reports and news articles, particularly the MyBroadband piece on South Africa’s cyber attack landscape, explaining why businesses must prioritise robust security practices, governance frameworks, and cyber insurance coverage.
South Africa’s digital economy is booming. The country hosts Africa’s most sophisticated banking sector, one of the continent’s largest e commerce markets and a population that relies heavily on smartphones and digital services. This rapid adoption brings enormous opportunities, but it also makes South African organisations prime targets for cybercriminals. A recent Security Navigator Africa report by Orange Cyberdefense found that South Africa recorded 110 cybercrime incidents involving extortion, ransomware and state sponsored hacking between 2020 and September 2025, the highest number in Africa (MyBroadband). Those incidents account for nearly a third of all known cyber attacks on the continent (Joburg ETC). Understanding this threat landscape and the economic risks attached is essential for business owners, boards and policymakers.
A Growing Threat Landscape
The Orange Cyberdefense report underscores how cybercrime has become a persistent national risk. Researchers compiled 340 incidents across 38 African countries and discovered that South Africa’s mature digital economy attracts more attacks than less developed peers (Joburg ETC). Large economies and those using global languages such as English, French and Portuguese experience more attacks because criminals optimise tools for widely spoken languages (Joburg ETC). According to Charl van der Walt, head of research at Orange Cyberdefense, the study focuses on incidents affecting organisations, not individuals, to provide a realistic picture of corporate cybercrime (MyBroadband). The researchers note that many attacks are never disclosed publicly, so the true scale is likely much larger (Joburg ETC).
Data breaches are accelerating
South Africa’s Information Regulator is seeing a surge in breach notifications. In the first quarter of 2024 alone more than 34.5 million local accounts were compromised, making the country the second most affected in Africa (Corbado). The number of reported data breach incidents nearly tripled from around 500 in 2022 to over 1,700 in 2023 (Corbado). These breaches are overwhelmingly the result of human error, up to 95% of incidents are linked to phishing, weak passwords and other avoidable mistakes (Corbado). Financially, the impact is staggering. The average cost of a single breach reached R53 million in 2024, with severe incidents costing up to R360 million (Corbado). Nationally, data breaches are estimated to cost South Africa R2.2 billion annually (Corbado).
Large scale attacks illustrate the stakes
- Cell C data breach (February 2024), Hackers exfiltrated about 2 terabytes of data from mobile network operator Cell C, exposing names, ID numbers, banking details and SIM metadata of 7.7 million customers (Corbado). Investigators believe the attack exploited vulnerabilities and poor segmentation of sensitive data. The breach raised fears of identity theft and SIM swap fraud (Corbado).
- Dis Chem (May 2022), A third party service provider handling communications for Dis Chem exposed 3.6 million customer records, including names, email addresses and phone numbers (Corbado). Although medical data wasn’t stolen, the incident highlighted the risks of weak vendor controls.
- Department of Justice ransomware attack (September 2021), Ransomware encrypted internal systems, disrupting court filings and social grant payments. Over 1,200 confidential files may have been accessed (Corbado), emphasising how attacks on government services can have far reaching social effects.
Why South Africa Is So Attractive to Cybercriminals
| Factor | Evidence |
|---|---|
| High digital adoption and economic standing | Advanced financial services, telecoms and e commerce broaden the attack surface for disruption, espionage or financial gain (Corbado). |
| Large volumes of personal data collected and shared | Over collection and widespread third party sharing create multiple points of compromise (Corbado). |
| Human error and lack of cyber awareness | Up to 95% of breaches are caused by phishing and poor password hygiene, many firms lack training and incident response plans (Corbado). |
| Legislative and enforcement challenges | Despite POPIA and the Cybercrimes Act, enforcement remains inconsistent due to limited resources and fragmented responsibilities (Corbado). |
The Human Factor and Social Media Risks
A significant portion of cyber risk stems from everyday employee behaviour. An IOL analysis warns that unrestricted use of social media on work devices exposes South African companies to data breaches (IOL). Employees sometimes share client details or login credentials on insecure platforms, or they click on malicious links in adverts or direct messages (IOL).
Regulatory Landscape and Board Level Accountability
South Africa has enacted several regulations to strengthen cyber resilience. The Protection of Personal Information Act (POPIA) requires organisations to safeguard personal data and report breaches. The Cybercrimes Act criminalises offences such as hacking and cyber fraud. More recently, financial regulators introduced Joint Standard 2, which came into effect on 1 June 2025. This standard makes cybersecurity governance a board level responsibility for banks, insurers and other financial institutions.
Why Cyber Insurance Is No Longer Optional
Given the scale and cost of cyber incidents, cyber insurance is becoming a strategic necessity rather than a luxury. Techtron’s Cyber Insurance Overview 2025 report indicates that the average data breach now costs South African companies about R84.9 million. Roughly 70% of businesses lack basic cybersecurity awareness, making simple mistakes their biggest threat. As a result, approximately 52% of organisations now carry dedicated cyber insurance policies, a big increase from the 18% reported in 2020.
Sources
- MyBroadband – South Africa is under cyber attack
- Joburg ETC – Increase in cyberattacks on businesses
- Corbado – Data Breaches in Africa 2024
- IOL – Why South Africa is the top target for cyber attacks and how to stay safe
- Netconfig – Cyber insurance requirements in South Africa
- Specialised Broker Services – Cyber insurance for SMEs (2025)
- Bhubacor – Company values