The rise of generative artificial intelligence (GenAI)-driven attacks and the growing complexity of interconnected supply chains has placed South African organisations at risk.
As cyberfraud becomes commoditised, with bad actors now able to carry out subscription-based phishing and ransomware attacks for as little as $90 per month, organisations must leverage AI-powered tools to predict, adapt defenses to emerging threats in real-time, and stop attacks.
Gartner’s latest insights reveal that almost a third (29%) of organisations had experienced an attack on enterprise GenAI application infrastructure in the last 12 months. What’s more, Mimecast’s State of Email & Collaboration Security 2024 report shows that 67% of organisations say AI-spawned attacks will become inevitable in the short term.
Commenting on the company’s findings, Akif Khan, vice-president analyst at Gartner, was quoted as saying: “As adoption accelerates, attacks leveraging GenAI for phishing, deepfakes and social engineering have become mainstream, while other threats – such as attacks on GenAI application infrastructure and prompt-based manipulations – are emerging and gaining traction.”
Supply chain vulnerability places additional strain on SA organisations
Boards and security professionals already have their hands full securing their own perimeters, but a growing number of threats are now originating from their supply chain partners, adding complexity to the existing challenge.
According to IBM Cost of a Data Breach Report 2025, the most common initial causes of data breaches in 2025 in SA were third-party vendor and supply chain compromise, which accounted for 17% of incidents and carried an average cost of R29,6-million.
Local organisations and parts of national critical infrastructure have seen a spike in attacks exploiting third-party and supply chain weaknesses, often via software vendors, contractors, or less-protected partners.
“The journey to more robust and adaptive defences carries significant challenges for local organisations. If businesses want to properly protect themselves, they should not only leverage advanced AI-powered tools but also foster a culture of empowerment and holistic risk management that extends beyond their own walls,” says Khetan Gajjar, field chief technology officer for EMEA at Mimecast.
Smart use of good AI helps defend against the bad
Predictive security, itself powered by AI, is helping organisations defend against AI-driven cyberattacks by analysing vast amounts of real-time and historical data on employee behaviour, digital footprints, and compliance.
This data-driven approach enables early detection of anomalies, high-risk individuals, and emerging threats before incidents occur.
Real-time monitoring is critical to identify new and evolving threats, including zero-day attacks, that traditional models may miss. Advanced techniques like natural language processing also help detect novel attacks such as payloadless phishing. In addition to this, using social graphing can help map user relationships and computer vision flags fraudulent sites or branding.
A key component in a holistic defence is integrated Human Risk Management (HRM), which allows companies to score user behaviour and pinpoint vulnerable employees, allowing targeted education and real-time behavioural nudges beyond simulated phishing campaigns. Automated adaptive defences, meanwhile, help shift security from reactive breach response to proactive threat anticipation and prevention.
“Predictive security is most effective when it is adaptive, when it can evolve in real-time as new threats emerge. This requires more than advanced technology. It also needs a shift in mindset, where security is seen as a dynamic, organisation-wide responsibility, not just the domain of the CIO, CTO or compliance teams,” Gajjar says.
As within, so throughout
When it comes to managing supply chain risk, Gajjar says it’s vital that appropriate measures are applied across all partners and vendors.
Business leaders must adopt a zero-trust approach. They should treat all interactions (whether internal or external), with the same level of scrutiny, verifying and monitoring every access request and data exchange.
Security teams must also implement rigorous compliance checks, risk assessments, and onboarding processes for all suppliers and partners.
Logging and auditing all interactions and data flows between the organisation and its supply chain to detect anomalies and potential threats creates an auditable trail and enhances protection.
The best way to build communal protection is to align on security standards, share threat intelligence, and coordinate incident response efforts. With continuous reviews, the entire supply chain can stay on point as threats evolve.
A pragmatic philosophy holds the key
Gajjar believes a pragmatic mindset to address security challenges can help steer companies in the right direction. To this end, he advises companies to take a three-step cyclical approach.
First, measure the environment by collecting and analysing data from all available sources to gain visibility, identify vulnerabilities, and track how threats evolve. With that insight, organisations can then empower their teams – equip people with the knowledge, tools, and authority to act on insights with automated responses, targeted training, and clear escalation processes. Finally, the emphasis shifts to protection, where the implementation of strong controls and continuous monitoring can help defend against threats while adapting as new risks emerge.
“By creating a continuous cycle, organisations can measure to understand risks, empower teams to address them, and then take action, repeating the process as new threats emerge. This philosophy helps organisations stay agile and resilient in the face of evolving cybersecurity challenges,” Gajjar advises. “The future of cybersecurity isn’t in locks and keys, it’s in security tools that leverage AI strategically to outsmart and outpace cybercriminals.”