While much C-level attention is focused on Artificial Intelligence (AI) growing at a record pace, with key metrics doubling within months, there is a risk of many cyber threats going unnoticed.

By Adriaan Venter, CEO of Cube ICT Solutions

AI is the technological poster child right now and our fascination with everything from ChatGPT to AI-powered self-driving vehicles could well take us away from focusing on the fact that ransomware attacks increased by 126% in a single quarter, with our own continent recording the highest average weekly attacks.

Every South African homeowner knows that criminals attack when one’s guard is down and the same is true in business. With trading conditions remaining precarious, Corporate South Africa cannot afford to be transfixed by new technologies when old challenges have not gone away.

Perhaps many local business leaders are resting easy because they feel they have ringfenced their organisation with the best cyber defences money can buy. Sadly, relying solely on an impregnable perimeter for defence is a serious mistake as old as the city of Troy.

In most cases, attacks today and three thousand years ago did not succeed by going straight through the perimeter wall. Civilisations, cities, organisations and cyber defences fall when attackers use daring to exploit the weakest link, and that is often the human element.

In 2026, credible endpoint threat reports indicate over 80% of threat detections are now malware-free, with attackers focusing instead on exploiting legitimate endpoint tools used by human workers, such as mobile handsets, PCs, laptops and IoT devices. Cybercriminals are targeting both the security software designed to protect these devices and the connected devices themselves, especially in remote and hybrid work environments.

For organised cybercriminals, endpoint devices and their accompanying software are the easiest entry into your environment. To gain virtual entry into organisations, cyberattackers are using highly personalised phishing emails and even deepfakes to trick employees into revealing credentials. They might also send fake IT support messages or invoices containing QR codes that, when scanned, steal mobile user credentials or download malicious apps. Attackers could even compromise vendors that have trusted access to the organisation’s network.

Because there are so many endpoint gaps for attackers to exploit, dedicated endpoint security and monitoring are necessary to close off these vulnerabilities.

Firstly, behaviour-based threat detection in endpoint security identifies potential attacks by monitoring systems, applications and users for suspicious activities or anomalies that deviate from known behavioural baselines. For instance, machine learning is used to analyse actions like file changes or network connections in real-time.

Next, centralised visibility and control provides a single, unified console that offers real-time monitoring across an organisation’s network. This centralised focus enables security teams to instantly detect threats and enforce consistent security policies across all endpoints from a single location.

Finally, endpoint security should be built around how teams work by adopting a user-centric, zero-trust approach that integrates security directly into collaborative tools. This allows for seamless productivity and effective endpoint security without disruptive manual security checks.

As Africa becomes the region most targeted by the world’s cybercriminals, secure your cyber perimeters and engage in employee education to reduce behaviour-based endpoint threats as much as (humanly) possible.