The global information and communication technology (ICT) landscape is faced with three main crises: submarine internet cable cuts, artificial intelligence (AI)-driven cyber security threats, and vulnerabilities in the International Mobile Equipment Identity (IMEI) ecosystem.
So said Dr Andile Ngcaba, executive chairman and co-founder of Convergence Partners and Solcon Capital.
Ngcaba was speaking at the inaugural Chartered CIO Conference, delivered by the Chartered CIO Council in partnership with ITWeb. The gathering sought to unpack the challenges South African CIOs face in 2026, and how to balance innovation with resilience, scaling AI responsibly, modernising legacy systems and ensuring digital transformation.
A former public official – he was appointed as the first communications director-general of the democratically-elected government in 1994 – Ngcaba is a well-regarded technologist whose views on the ICT sector are often considered as a guide.
In his keynote address, titled: “In the era of kinetic conflict”, he stated the three areas are “very complex”, adding that no private individual or company can solve them as they require “massive” collaboration from all stakeholders.
Ngcaba noted that in March 2024, one of South Africa’s submarine cables was cut near Yemen and caused a semi-blackout, highlighting the vulnerability of undersea cables.
Since then, damage to undersea infrastructure has become almost regular, he pointed out. Usually, submarine cable vulnerabilities occur because of damage caused by a fishing trawler. The cable then requires about six weeks to fix.
However, when damage is caused by kinetic conflict or warfare, reaching that territory is not that easy, he stated. “There are choke points in the world. Unfortunately, submarine cables have to go through all these choke points – the Strait of Hormuz, up next to north of Somalia (Djibouti), or what you call the Gulf of Aden, the Suez Canal, the Strait of Malacca next to Malaysia and Singapore, and on the side of the Atlantic, basically Panama.
“These areas are now starting to become areas of attack, areas of sabotage, areas that people feel it’s a way to attack each other, and it’s becoming a big issue for all of us who operate subsea cables.”
Bringing it back home, Ngcaba explained that South Africa is in the top eight when it comes to internet exchange traffic. “It is not just a node for us; it’s becoming a global node.”
As a result, modern submarine cable designs must consider these geopolitical risks. “Before, we would deploy subsea cables without even thinking about possibilities of either sabotage or war. Today, these are issues that we must factor in as and when we design and build subsea cables.”
In recent years, the amount of global submarine cables has increased, with the 2Africa cable, Google’s Equiano and phase two of the Africa Coast to Europe cable going live.
However, industry operators have warned that the expansion has not been matched with the necessary security measures, leaving these critical networks increasingly vulnerable.
Submarine cable breaks can disrupt internet and telecommunications services. These cables, which lie on the ocean floor, carry about 95% of global internet traffic, making them crucial for international connectivity.
The global response to the undersea infrastructure challenges has been the establishment of the International Advisory Body for Submarine Cable Resilience by the International Telecommunication Union.
The group aims to protect and ensure the world’s infrastructure that carries $20 trillion daily financial transactions is not affected by conflict, he stated. “On the Australasia side (Australia, India, Japan and the US), they’ve created a community to make sure they protect that corridor, and the same applies for the European Union, NATO and the US.
“We are busy working on a model on how best we build diversity in Sub-Saharan Africa to make sure that wherever there are challenges, we must have four diverse routes of subsea infrastructure coming in and out of our hub.”
Ngcaba shifted focus to what he terms cyber conflict, where technology has become part of warfare. He highlighted AI-driven cyber threats/attacks, saying these include prompt injection, agent hijacking, supply chain compromise, rank poisoning, synthetic identity generation, AI voice cloning fraud, AI political manipulation, model context protocol and server exploitation.
He added that these are new types of agents that are being used as part of the attack surface.
“As CIOs and tech people… [we see how] our technologies have a dual use: military and civilian purposes. It is very important that, as a country, we understand what is happening and be able to provide defence in our own ecosystem. Gone are the days when the issue of attacks is classic DDoS. This world has become much more complex.
“Today, we have what we call inference API DoS, meaning how people use inference for the way in which people are working. These are all areas that we are experiencing in the world of today.”
Ngcaba pointed to large language model attacks/fraud and the agentic AI threats that are in networks, adding there is also disinformation warfare.
To illustrate some of the malicious AI arsenals that people use, he said a person can hire fraud GPT at $100 a month. “It’s software-as-a-service, to put it bluntly. Some of them are free, some you buy, some of them you rent, some of them you can ask to attack on your behalf and share the rewards.”
The third area that Ngcaba emphasised is the need for national IMEI management solutions to mitigate threats.
IMEI poses significant security risks, he said. For example, 49 million SIM cards were found to be cloned in Europe. He added that he is concerned that in a population of 65 million South Africans, there are 134 million mobile phones.
“This issue of IMEIs has been proven as a serious attack surface to ordinary people…how they get cloned, how some of them are fake, and how some of them are used for a variety of reasons.”
In terms of lessons for South Africa, he warned that without a national IMEI management system, compromise can reach tens of millions of devices before detection.
An IMEI management solution means the device becomes one’s identity, he said. “This is something that we believe this country should do, and it’s something that the more we don't do it, the more all of us will become vulnerable online.”
Share
