The rise of GenAI-driven attacks and growing complexity of interconnected supply chains are placing South African organisations at risk, warns Mimecast. The company advises organisations to leverage AI-powered tools to predict and adapt defences to emerging threats in real-time.
Gartner’s latest insights reveal that almost a third (29%) of organisations have experienced an attack on enterprise GenAI application infrastructure in the past 12 months.
According to Mimecast's State of Email & Collaboration Security 2024 report, 67% of organisations say AI-spawned attacks will become inevitable in the short term. Supply chain vulnerability places additional strain on South African organisations, Mimecast continues.
The company cites the IBM Cost of a Data Breach Report 2025, which found the most common initial causes of data breaches in SA were third-party vendor and supply chain compromise. These accounted for 17% of incidents and carried an average cost of R29.6 million.
Khetan Gajjar, field CTO for EMEA at Mimecast, says: “GenAI-driven attacks are evolving rapidly, with attackers now using AI to automate phishing, create deepfakes and manipulate supply chain relationships at speed and scale. This creates vulnerabilities spanning both core enterprises and their interconnected business partners.”
Gajjar agrees that supply chains are not a new target for cyber criminals, but GenAI fundamentally changes the attack dynamics. “With GenAI, attackers can cheaply launch sophisticated attacks-as-a-service (phishing, payloadless exploits, deepfake impersonations) with minimal skill, making the volume, variation and deception quality of these attacks far greater than before. Unlike earlier attacks that relied on isolated exploits or human error, GenAI allows adversaries to automate highly believable and scalable social engineering across many supplier relationships at once.”
He adds that software vendors and IT service providers are prime targets because once their systems are compromised, attackers can use their products or updates to infiltrate a broad range of client organisations. Outsourced contractors and managed service providers are also high risk, as exploiting their network access can allow cyber criminals to pivot across multiple client infrastructures.
“Logistics and operational technology are further exposed, often due to legacy systems and weak security controls on connected devices, making them a favoured entry point for attackers. Additionally, procurement and supplier onboarding portals are routinely targeted for credential theft or impersonation attempts, because compromising these systems can yield direct access to sensitive business data and internal processes,” says Gajjar.
Good AI vs bad
Mimecast asserts that predictive security, itself powered by AI, is helping organisations defend against AI-driven cyber attacks by analysing vast amounts of real-time and historical data on employee behaviour, digital footprints and compliance.
Says Gajjar: “Predictive security, powered by AI, is essential because it continuously analyses vast real-time and historical behavioural data – across both internal and supply chain networks – to anticipate threats, detect anomalies and shut down attacks before they manifest, defending the extended digital ecosystem.”
This data-driven approach enables early detection of anomalies, high-risk individuals and emerging threats before incidents occur.
A key component is integrated human risk management, which allows companies to score user behaviour and pinpoint vulnerable employees for targeted education and real-time behavioural nudges. Automated adaptive defences, meanwhile, help shift security from reactive breach response to proactive threat anticipation and prevention.
“Predictive security is most effective when it is adaptive, when it can evolve in real-time as new threats emerge. This requires more than advanced technology. It also needs a shift in mindset, where security is seen as a dynamic, organisation-wide responsibility, not just the domain of the CIO, CTO or compliance teams,” Gajjar says.
He believes defending against GenAI-driven cyber attacks requires a fundamental shift in organisational perspective, recognising that security is no longer the sole responsibility of IT or security teams, but must permeate every level and function within the business.
“Beyond internal changes, building communal security is increasingly important. This involves aligning cyber security standards across industry partners, co-ordinating incident response efforts and sharing real-time threat intelligence to create a collective defence. Such collaboration ensures that the entire ecosystem remains resilient and responsive, a necessity as AI-powered threats accelerate and ripple across the interconnected supply and value chains.”
Share