Page 21 - EngineerIT April May Issue 2026
P. 21

CYBERSECURITY



        Q: How does the African threat landscape differ from
        other regions?                                          3 MISTAKES ORGANISATIONS
        “It comes down to the pace of growth. Across Africa,
                                                                         ARE STILL MAKING
        digital expansion is happening quickly at both a
        consumer and enterprise level. The challenge is that
        cybersecurity maturity does not always keep up at       1.  Assuming “no alerts” means “no breach” –
        the same pace. In more established organisations,          Many attacks go undetected for long periods.
        capabilities are comparable with global standards. The   2.  Treating cybersecurity as a technology problem
        gap tends to appear where digitisation is accelerating     only – People and processes remain critical points
        faster than the rollout of skills and security measures.   of failure.
        That creates uneven levels of protection, which attackers   3.  Underestimating supply chain risk – Trusted
        are quick to identify.”                                    relationships are now one of the most common
                                                                   entry paths.
        Q: Are organisations underestimating how targeted
        they are?
        “Often, yes. Many organisations assume they are secure   Q: What types of attacks are increasing most in
        because they have not detected a breach. The problem   South Africa?
        is that attacks can remain hidden for long periods.    “There has been a sharp rise in password stealers,
        In some cases, breaches have been found to exist in    spyware and backdoor attacks. Recent data shows
        environments for years without being detected. That lack   increases of more than 100% in some categories,
        of visibility creates a false sense of security.”      including a 116% rise in password stealers and a 170%
                                                               increase in spyware. Attacks are also becoming more
        Q: What role does human behaviour still play?          layered. A single campaign may start with phishing,
        “It remains one of the biggest risk factors. Many      move into credential theft and then expand through
        attacks still begin with social engineering, whether   trusted systems or supply chains.”
        phishing or more targeted approaches. These
        campaigns are designed to create urgency and           Q: How are supply chains changing the risk landscape?
        pressure, prompting quick decisions without            “They are opening new and often overlooked entry points.
        verification. Cybercriminals combine technical skill   A growing number of attacks now originate through
        with a strong understanding of human behaviour. That   trusted partners or suppliers rather than direct intrusion.
        combination makes these attacks difficult to defend    At the same time, many organisations do not prioritise
        against with technology alone.”                        this risk at the level it requires. As systems become more
                                                               interconnected, these indirect pathways are becoming
                                                               more attractive to attackers.”
             5 SIGNS YOUR SYSTEM
                  MAY ALREADY BE                               Q: Where does AI fit into this picture?
                                                               “AI is accelerating both attack and defence. Attackers are
                   COMPROMISED                                 using it to improve phishing, automate processes and
                                                               support more advanced techniques such as deepfake-
                                                               driven social engineering. Defenders are using it for
         1.  No visible issues – Attacks can remain
                                                               detection, behavioural analysis and response. There are
            undetected for years without triggering alerts.
                                                               also risks linked to how organisations use AI tools. Sharing
         2.  Strange account behaviour – Unexpected
                                                               sensitive information with public models can expose data
            logins, password resets or access patterns can
                                                               in unintended ways, which makes governance and internal
            signal compromise.
                                                               controls essential.”
         3.  Subtle performance changes – Spyware and
            backdoors often run quietly but affect system
                                                               Q: If a breach is inevitable, what should organisations
            behaviour.                                         focus on?
         4.  Breaches through trusted partners – Suppliers     “Continuous improvement. There is no single solution
            and connected systems are increasingly used        that can prevent every attack. The focus should be on
            as entry points.                                   layered security, combining technology, processes and
         5.  Data exposure outside your control –              human awareness. Detection, validation and response
            Credentials appearing on the dark web may be       are critical. Organisations that can identify and
            the first visible indicator.                       respond quickly are far better positioned than those
                                                               relying on prevention alone.”



                                                21 | EngineerIT April/May 2026
   16   17   18   19   20   21   22   23   24   25   26