More and more South African companies are falling victim to cybersecurity attacks, prompting them to increase their investment in security tools.
This is among the findings from Aon South Africa’s 2023 Cyber Risk Survey for South Africa, which provides insights on current trends in cyber risk governance practices being deployed by local companies in various market segments.
Key findings include:
* 22% of respondents suffered a cyber incident in the past five years.
* 67% of participants deploy a cyber risk management tool.
* Only 50% of respondents have a board-level cyber champion.
* 72% of participants purchase cyber insurance.
The study shows that companies are more likely to “beef up” their cybersecurity following a cyber incident.
“We question whether companies that have suffered a cyber-attack would have better cyber risk management practices in place, than those who did not suffer an attack,” says Zamani Ngidi, cyber solutions senior client manager and co-author of Aon’s 2023 Cyber Risk Survey.
“The findings in the survey show that of the 22% of respondents that have suffered a cyber-attack, all subsequently have the full stack of cyber-related covers and tools in place as opposed to their counterparts, with less than 50% uptake on mitigation controls.”
The survey also found that only 43% of South African companies with revenue of less than R100m deploy a cyber risk management tool, as opposed to 80% of companies with revenue of over R100-million.
“It points to two possible scenarios, where smaller companies are finding the cost of proactive risk management too high, or it could point to a perception that the risk is only reserved for companies with a higher revenue bracket,” Zamani explains.