A good cyber security programme should meet AI early and continuously embed AI while balancing value, cost efficiency and risk management. This is according to Lungile Mginqi, group CIO at Sasol, who spoke to ITWeb ahead of his presentation at the 20th ITWeb Security Summit 2025, on 3 June, at the Sandton Convention Centre.
“When it comes to risk management, first and foremost, the CIO must establish an excellent cyber security programme that provides visibility of the entire business’s infrastructure footprint to facilitate quicker response and recovery effectiveness where required.”
He added that at the core of any cyber security risk management programme should be a meaningful, quantifiable cyber safety risk posture anchored by four aspects: response and recovery effectiveness with full infrastructure footprint visibility; clarity on governed controls; a robust awareness campaign; and independent validation mechanisms. These must be driven by a continuous improvement mindset, each supported by a multi-year maturity plan.
“These are not just random items to think about – they are vital to a successful cyber security operation, better articulation of return on investment and long-term sustainability,” said Mginqi.
Sasol’s cyber security programme also incorporates security awareness and training across the company. This includes phishing simulations to validate the effectiveness of training initiatives.
“Sasol has created visibility of training compliance using what we call cyber personal risk scores (C-PRS),” Mginqi explained. “Each employee has an individual score, consolidated and aggregated up to line managers and executives. This gamification of risk awareness fosters the right conversations across the company.”
He continued: “Everything we do in our cyber security risk programme must be measurable or scoreable so that it can be aggregated into a single Sasol Cyber Safety Score.”
The programme is also cost-sensitive, using outcomes-driven metrics – including protection level agreement costs – to make the balance of value, cost efficiency and risk completely transparent.
One of the cornerstones of Sasol’s strategy is eliminating ‘dark corners’ or blind spots to enable a measured and rapid response in the event of a breach.
To anchor this ambition, Mginqi introduced an AI-driven cyber security toolset into Sasol’s defence architecture. This set of capabilities enhances threat detection and response by providing autonomous, self-learning features that adapt to the company’s evolving digital environment. The toolset continuously monitors network, endpoint and cloud ecosystems to deliver real-time insight and support proactive containment of threats – ensuring the business remains resilient and agile.
“The AI cyber security platform is now a foundational building block of our defence strategy. It acts as a digital immune system that is always on, always learning and deeply integrated with our operational response procedures,” said Mginqi.
Additionally, GenAI has been purposefully embedded into Sasol’s incident response model. GenAI enhances incident management by isolating breached areas through rapid log analysis, pattern detection and guided recovery steps, significantly reducing mean time to detect and recover.
“This continuous AI evolution in our operations means we’re not just adding tools – we’re redesigning our muscle memory. Each GenAI application in our incident response playbook enhances organisational readiness and maturity,” Mginqi noted.
He concluded with a forward-looking perspective: “AI is not an accessory in cyber security; it is the backbone of a modern, adaptive and resilient defence posture. As threats evolve, so must our response – disciplined, data-driven and decisively AI-augmented. At Sasol, we are not waiting for the future of cyber security – we are engineering it.”