SA firms spend more on cybersecurity – and are most worried about remote workers losing laptops

Business Insider SA
(Getty Images)
(Getty Images)
  • South African companies are spending a lot of money on cybersecurity but will likely need to increase their budgets to remain a step ahead of ever-evolving cybercriminals.
  • More than 40% of companies are spending more than they budgeted for on cybersecurity, according to a recent survey by World Wide Worx.
  • This comes amid increased vulnerability as employees work from home.
  • The most worrying scenario for these companies is workers losing their devices and non-employees gaining access to company data.
  • For more stories go to

South African companies are spending more money on cybersecurity as new threats emerge and the work from home trend exposes vulnerabilities.

The Covid-19 pandemic has changed how and where people work. And while South African offices are slowly filling up as hybrid work models replace purely remote arrangements, the surge of cyber attacks witnessed during the height of the pandemic shows no sign of slowing.

See also | As South Africans head back to the office, admin staff, receptionists, and assistants are in demand

Cybercriminals have capitalised on the remote work scenario, exposing flaws in systems which have been too slow to adapt. More than 80% of global organisations experienced increased cyber threats during the Covid-19 pandemic, according to a report by McAfee Enterprise and FireEye, now Trellix.

Globally, supply chain and logistics firms have been the hardest hit. South Africa has witnessed some high-profile attacks over the past year, with Transnet and the department of justice falling victim to ransomware attacks. More recently, credit reporting agency TransUnion South Africa was hacked for ransom, impacting at least three million consumers and 600,000 businesses.

South African corporations, acutely aware of the risks posed by cybercriminals exploiting the changing work environment, are pumping more resources into security.

But these costs are exceeding budgets in the fight to stay one step ahead of criminals, according to a recent survey conducted by World Wide Worx on behalf of Intel and Dell Technologies South Africa.

"Corporations being over-budget on cybersecurity spend may look like a positive sign, but it also raises the likelihood that the budgets were too low to begin," said World Wide Worx CEO Arthur Goldstuck, principal analyst on the research project.

"In the game of cybercrime cat and mouse, one could argue there is no such thing as being over-resourced. However, under-resourcing not only exposes companies to risk, but also poses an existential threat. A major breach can bring down a company. Budgets must catch up to the significance of the threat."

The survey found that 41% of corporations reported spending more on cybersecurity than the industry average, while 28% of respondents indicated their spending was in line with the average. Industry-leading spend was reported by 27% of respondents.

Most respondents indicated that they used managed security solutions – hiring a dedicated cyber security company – to protect them from attacks.

Implementing and managing a VPN, or Virtual Private Network, for controlled access to internal systems was the most widely reported security measure listed by respondents.

Companies are split down the middle when it comes to assessing threat levels presented by the remote work trend. Roughly half say they've seen no change in the threat of exposure to data loss from cyber threats with the growth of employees working from home. While 45% of respondents have identified "somewhat more threats".

The biggest concern among companies regarding remote work and endpoint security is missing, lost, or stolen devices, followed closely by the not-unrelated threat of non-company users accessing company data.

"With breaches now happening both above and below the OS, organisations need to keep endpoints secure from anywhere," said Khairy Ammar, services sales director for Emerging Africa and South Africa at Dell Technologies.

"You need intelligent solutions that prevent, detect, and respond to threats wherever they occur. A procedural measure like taking on a certified cybersecurity partner to manage these services is often the best protection for corporates." 

Get the best of our site emailed to you every weekday.

Go to the Business Insider front page for more stories.