- South Africa faces a significant skills gap in cybersecurity, with 52% of respondents expecting an increase in cyberattacks within the next year, according to the Fortinet 2023 Cybersecurity Skills Gap report.
- The lack of cybersecurity expertise has substantial economic impacts, with nearly half of global organizations reporting financial consequences from security breaches, and addressing these issues costing over $1 million.
- As work-from-anywhere (WFA) arrangements become more prevalent, companies must invest in cybersecurity infrastructure and employee training to address the growing risks and protect their businesses.
South Africa is facing a severe skills gap in the field of cybersecurity, as revealed by the Fortinet 2023 Cybersecurity Skills Gap report. The report, based on a comprehensive survey of over 1,800 IT and cybersecurity decision-makers from 29 countries, including South Africa, highlights the urgent need to address this deficiency.
The study estimates that around 3.4 million professionals are needed to fill the global cybersecurity workforce gap, with the talent shortage posing a significant threat to organizations. A staggering 86% of the companies participating in the report admitted to experiencing more than one cyberattack in the past year, partially due to insufficient cybersecurity expertise among their staff.
In South Africa, 52% of respondents anticipate an increase in cyberattacks within the next 12 months. As a proactive measure, 94% of South African companies are willing to invest in employee training for obtaining cybersecurity certifications. However, over 70% of global respondents find it challenging to locate individuals with the required certifications.
The consequences of inadequate cybersecurity skills are not just limited to data breaches but also have a substantial economic impact on businesses. Almost half of the global organizations surveyed reported financial repercussions from security breaches in the past year, with the cost of addressing these issues exceeding $1 million – a 38% increase compared to the previous year’s report.
Phishing, malware, and password attacks accounted for 81% of the cyber incidents experienced by the survey participants in 2022. These attacks can directly target systems and users, with phishing schemes being particularly dangerous as they can serve as delivery mechanisms for other types of attacks, including malware and social engineering, which can lead to password and web-based attacks.
Fortinet has previously emphasized the growing number of cybercrime incidents due to the widespread adoption of work-from-home and hybrid work models. Approximately two-thirds of companies in South Africa have reported data breaches as a result of work-from-anywhere (WFA) vulnerabilities.
South Africans face additional risks from load shedding, which forces WFA employees to switch between networks – fibre, mobile, and public Wi-Fi – thereby creating opportunities for cybercriminals to intercept business communications on unprotected devices.
Fortinet asserts that cybersecurity should be a top priority for companies, but acknowledges that WFA arrangements are likely here to stay, given their numerous benefits. The organization notes that only a third of employees in EMEA countries, including South Africa, have returned to the office full-time, with most companies allowing a combination of remote work up to four days per week or even permanently.
As a result, companies must invest in developing a robust cybersecurity infrastructure. The Fortinet 2023 WFA Global study found that 94% of surveyed companies plan to increase their security budgets in alignment with WFA policies. By addressing the cybersecurity skills gap, South Africa can better protect its businesses and citizens from the ever-evolving threats in the digital landscape.