ITWeb, in partnership with Arctic Wolf, conducted an online survey to examine the current status of the South African cyber security market.

The survey sought to gain an understanding of the South African market, where people are on their security transformation journey, what their biggest challenges are and where Arctic Wolf can help.

A total of 163 responses were captured, with 62% of respondents being at management level, and working in a range of major industry sectors. Some 38% of respondents came from the IT sector and 23% came from the financial services and government sectors.

Here are some of the key findings:

  1. Nearly three-quarters (74%) of the survey’s respondents said their cyber security budget for 2023 would increase. 22% said it would stay the same.
  2. The top three areas of concern for businesses going into 2023 were continued cyber attacks (77%), the talent shortage (47%) and inflation (38%).
  3. The types of cyber attacks that businesses are most concerned about facing this year were ransomware (77%), business email compromise (62%) and cloud breach (46%).
  4. In the past 12 months, three quarters of respondents (74%) have received an email at work that they believe to be a phishing attempt to collect their credentials. Half (47%) have received an email or text message that they believe impersonated an executive at their company. Another 47% have received an invite or message on a social networking site (e.g. LinkedIn) that they believe to be malicious in nature
  5. Security incidents experienced in the past 12 months include: business email compromise (37%), ransomware (18%), disinformation campaign (17%), insider threat (15%), cloud breach (12%) and supply chain attack (10%).
  6. The majority of respondents (85%) say that businesses should be legally obliged to disclose a cyber security incident or data breach.
  7. The top three areas of concern going into 2023 were ranked as: continued cyber attacks (74%), talent shortage (53%) and inflation (52%)
  8. Ransomware (68%), closely followed by business email compromise (64%) were the types of cyber attacks that responding organisations were most concerned about going into 2023.
  9. A third (33%) of respondents said their organisations has experienced a cyber incident in the past 12 months. Half of respondents (52%) said they hadn’t.
  10. Of those that replied ‘yes’ to the question above, 57% had a business email compromise, 14% ransomware, 14% a cloud breach and 14% an insider threat.
  11. Three quarters of respondents (72%) say they have a 24x7 security solution in place.