SA’s government should classify digital security as critical national infrastructure and extend its intelligence-led approach to organised crime into the cyber realm.
This is according to Doros Hadjizenonos, regional director for southern Africa at Fortinet, who was commenting on president Cyril Ramaphosa’s 2026 State of the Nation Address (SONA). The president committed more than R1 trillion to public infrastructure over the next three years and identified organised crime as the “most immediate threat” to SA’s democracy and economic development.
Hadjizenonos said the president’s strategy to consolidate national intelligence and deploy multidisciplinary intervention teams must include digital threats. Criminal syndicates and state-sponsored actors view critical infrastructure as high-value targets. To support the call for a safe and secure SA, the national security strategy must prioritise ‘secure-by-design’. “This means protecting our industrial control systems and utilities with the same vigour we are applying to increased security measures on our streets.”
Fortinet’s 2025 Global Threat Landscape Report highlights a surge in reconnaissance activity, increased targeting of critical national infrastructure, accelerated exploitation of vulnerabilities and growing credential threats. The report recorded a 16.7% global rise in automated scanning in 2024 – equivalent to 36 000 scans per second – many targeting operational technology protocols such as Modbus TCP, used in utilities and factories.
Vulnerabilities in enterprise and infrastructure software are being weaponised within an average of 5.4 days of disclosure. According to Fortinet, more than 100 billion compromised records were shared on darknet forums in 2024, enabling initial access brokers to infiltrate government and infrastructure networks without deploying complex malware.
“Digital security is no longer a technical control but rather a foundational pillar of national resilience. Modern national infrastructure – including energy grids, water treatment facilities, telecommunication networks, transport systems, healthcare and financial platforms – operates as an interconnected digital ecosystem,” Hadjizenonos said.
He stressed that operational technology, the internet of things, cyber-physical systems, cloud platforms and AI-driven systems underpin essential services.
“A successful cyber attack on critical infrastructure can disrupt essential services, compromise public safety, undermine economic stability and create geopolitical leverage.”
Digitised ‘green shoots’
Hadjizenonos said the digitisation of SA’s “green shoots” of economic recovery requires a shift in mindset. He pointed to the president’s reference to progress in rail, ports and energy, including locally manufactured trains and improved freight logistics.
“However, as these traditionally manual sectors become increasingly hyper-connected, they attract sophisticated threats that can derail national progress."
He described protection of digital systems underpinning critical national infrastructure as “high stakes work in progress”. While awareness has improved, on-the-ground protection remains under strain.
“South Africa’s critical national infrastructure – specifically power (Eskom), water and logistics (Transnet) – is in a unique state of forced modernisation. Because the country is integrating new technologies into ageing, legacy systems, the attack surface is expanding faster than the defences."
Focus on digital employment
Anna Collard, SVP of content strategy and CISO advisor at KnowBe4 Africa, said while Ramaphosa highlighted the creation of more than 1.5 million jobs since 2020 through the Presidential Employment Stimulus, further efforts are needed to tackle unemployment.
“If we’re serious about jobs in a country where approximately half of the youth are unemployed, digital skills should become a real pathway to work,” said Collard.
“Digital infrastructure is just as critical as water and electricity supply because it underpins everything else,” she asserted. “You can’t improve water infrastructure, modernise ports, stabilise energy supply or attract investment without secure digital systems and skilled people to run them. When digital trust collapses, so does economic confidence.”
Collard added that not all crime-fighting interventions rely on visible policing. The CSIR estimates cyber crime costs the South African economy approximately R2.2 billion per year. “Phishing remains the primary entry point, accounting for over 90% of all cyber attacks, while there has been a huge surge in ransomware and digital banking fraud over the past few years.”
Share