Volatile geopolitics and general socio-political and economic uncertainty continue to plague markets, and the chaos is playing into the hands of cyber criminals.
This was one of several themes discussed at the ITWeb Security Summit 2025, hosted in Sandton, Johannesburg, recently.
Several industry and tech experts participated in ITWeb TV interviews to delve into the influence of issues like global geopolitical tension on threat posture or response planning.
The core message to the market is that zero trust is the reality today and there is a need to validate and verify any interaction. This is because of the advent of deepfake technology and the use of AI to bypass security systems.
Cyber security best practice and strengthened postures are no longer options, they are mandatory for any size business.
Itumeleng Makgati, divisional executive: Group Technology at Nedbank, said a strong security posture is not just about training, but about proactive, constant system checking and security awareness.
“The playing field is constantly changing because we are working against bad actors who are constantly experimenting with different things in different ways. It’s very important that when we paint the picture for the board and senior leaders, we tell the story in a way that provides comfort that we are taking the right actions, that our security programme is effective.”
A state of ransom war
Noelle van der Waag-Cowling, strategy and innovation officer at the Cyber Security Institute, underlined the significance of ‘ransom war’ – a term first coined by Dr Max Smeets, a senior researcher at the Centre for Security Studies at ETH Zurich.
“I think it’s fair to say that ransomware has reached a level that is unsustainable for economies if it continues to escalate at the pace it is escalating at. It’s a really great way to devastate adversary economies, companies, etc,” said Van der Waag-Cowling.
Advanced persistent threat groups are studied very closely by teams of experts, she added.
“Most of these cyber criminal groups, in fact, have big transactional relationships with governments, especially in the states in which they reside and where they actually run their operations from, and they are frequently proxy actors on behalf of those states.
“It's all very mixed up and in that sense, they are almost mercenary-like activities.”
Privatisation of national security risk
Van der Waag-Cowling’s presentation at the summit was based on the privatisation of national security risk, a concept she said was introduced by the former head of the UK’s intelligence and cyber security agency (GCHQ), Kerryn Martin.
Van der Waag-Cowling explained the concept by referring to the role of a state-owned enterprise that is mandated to provide a critical resource like transport, electricity or water.
“That entity has its staff running cyber security for it. If it's hit, that entity has to respond, but it’s actually a national crisis that unfolds. Something like a blackout of South Africa could actually result in significant societal instability quite quickly. You’re sitting with a looming national security threat at this point. If it eventualises, it's going to be disastrous on a state level. But the team in charge of fixing the problem is a little team sitting inside a semi-private entity… so you’re looking at civilian teams working in commerce or industry, that are up against state-backed strategic aligned actors.”
Van der Waag-Cowling’s advice is to go for as much local physical technology infrastructure, to diversify the technology stacks and try to encourage the local tech industry to develop as much local technology as possible – especially on the application layer to run on systems that are neutral. "When we talk about sovereign capabilities, there I see a role for cyber security development in terms of hardening our local systems with our own sovereign capabilities on top of those.”
Share