Trisha Govender, manager of the SIDT
The biggest challenges facing the South African economy are the energy crisis and the logistics crisis, a significant problem in a product-based economy such as South Africa, which relies heavily on exports.
With the finite resources that South Africa has, the only way to grow the economy is to shift South Africa from a product-based economy to a service-based economy and then embrace the Production Possibility Frontier (a concept in economics that focuses on the ability of technology to break the traditional constraints that an economy has when it comes to capacity).
However, while this may turn out to be an innovative answer to our economic crisis, the Mancosa School of Information and Digital Technology (SIDT) warns that this does present its own – dangerous – challenges.
Embracing technology
What is the current economic impact of South Africa's structural challenges? Media articles point out that elevated levels of load shedding so far in 2023 could cost the South African economy R1.6tn in lost economic activity, R400bn more than last year. Other media articles point out that the logistics crisis (Transnet's challenges) is set to cost the country R1bn a day in economic output, the equivalent of 4.9% of our country's annual GDP, or R353bn.
Conversely, online shopping and other digital platforms are growing. An article by Rand Merchant Bank points out that the value of e-commerce transactions in South Africa is expected to surge 150% to R225bn by 2025 in response to a marked shift in consumer behaviour and changed expectations brought about by the unprecedented events of this year.
"These statistics are an undeniable indicator that there needs to be a concerted move towards moving South Africa towards a service-based economy which can take advantage of the globalised nature of business and the benefits presented by technology. However, businesses, especially small and medium-sized businesses, need to proceed with caution as cybercrime is a major challenge associated with the Production Possibility Frontier," says Trisha Govender, the manager of the SIDT who adds that cyberthreats can have far-reaching consequences beyond financial losses for small businesses. Safeguarding against cyber threats is crucial to protect a business's reputation, customer trust, and long-term viability.
Mounting risks
Small and medium-sized businesses (SMBs) play a pivotal role in economies worldwide and are integral to the global supply chain. While technological advancements and interconnectivity have significantly boosted business productivity, they also bring about potential cybersecurity threats. SMBs face heightened risks in this regard. Recent years have underscored the complexity of executing effective cybersecurity measures.
"Cybercriminals target businesses of all sizes with organisations lacking immunity solely based on their scale. Notably, ransomware attacks, previously associated with large enterprises, now afflict numerous SMBs, often resulting in severe consequences," says Govender.
Due to underreporting, the precise impact of ransomware on SMBs is challenging to quantify. Nevertheless, Sage's global research indicates that one out of four SMBs encountered multiple cybersecurity incidents in the past year alone. This reinforces the seriousness with which SMB decision-makers are addressing cybersecurity concerns.
"It is important that SMBs pay attention to cybercrime," says Govender, "according to a recent report by Sage, 48% of SMBs have experienced a cyber security incident in the past year. There are mixed messages around cyber security culture. Two-thirds of SMBs say it is part of their culture; however, only four out of ten of these businesses discuss it regularly."
However, on the encouraging side, 91% of the SMBs that participated in the Sage research pointed out that they expect cyber security investments to increase or remain the same in the coming year. Further, 64% of SMBs currently use cyber insurance and 74% plan to use it next year.
A growing threat
Mancosa perceives that the cyber threat will grow significantly over the next five to ten years.
"According to Interpol's 2022 Africa Cyberthreat Assessment report, South Africa leads the continent in identified cybersecurity threats. Out of 230 million detected threats, 219 million were related to emails. Moreover, South Africa experienced the highest number of targeted ransomware and business email compromise (BEC) attempts," says Govender.
She adds that considering the internet penetration rate surpassing 70%, the giant online population in South Africa presents an attractive target for cybercriminals seeking to exploit unsuspecting users. African Business reported in February 2023 that nearly 90% of African businesses operated without established cyber security protocols. This leaves them increasingly vulnerable to cyber threats like hacking, phishing, and malware attacks.
"As technology advances, the anticipation is of even more sophisticated attacks. Innovations like generative AI add new dimensions to cyber risks, necessitating exploring innovative cyber defence strategies. In an environment of rapid digital advancement, the absence of robust security infrastructure ensures that cyber threats will continue to rise in the coming decade," says Govender.
The future world of work
Like many other higher education Institutions, Mancosa is embracing technology, and the SIDT offers a significant number of programmes that focus on enhancing digital skills.
"The SIDT currently offers two programmes that specifically focus on cyber security. Over time, interest in these courses has risen, with employees across all levels of businesses recognising the imperative of comprehending cybersecurity. It has evolved beyond being confined to IT; it is now a concern that permeates every facet of an organisation, public and private," says Govender.
She adds that the calibre of students studying these programmes come from diverse backgrounds in terms of knowledge. "They include subject matter experts in IT and business leaders looking to enhance their understanding of the subject. Despite this variety, there is a notable trend of positive feedback and a growing demand for more cybersecurity courses," says Govender.
Strategic imperatives
In overall strategic planning, it is imperative to prioritise cybersecurity right from the outset rather than treating it as an afterthought.
"This requires digital leaders who not only drive innovation but also prioritise safeguarding," says Govender. She adds that to achieve this, we need c-suite leaders whose DNA embodies the following traits:
- cybersecurity knowledge: leaders will have a deep understanding of cybersecurity and best practices for securing digital assets;
- continuous learning and awareness: leaders will be aware of emerging risks and take proactive measures to address them;
- risk management: leaders will understand how to balance innovation with security and allocate resources accordingly;
- security by design mindset: leaders can incorporate security considerations into the development process of digital projects and systems from the outset rather than an afterthought.
- awareness and training initiatives: leaders can prioritise cybersecurity awareness among employees, contractors, and stakeholders. They implement regular training programmes to educate individuals about best practices and potential threats; and
- technology evaluation and procurement: leaders will be able to assess the security features of technologies and vendors. They ensure that any digital solutions brought into the organisation meet high-security standards.
If business leaders embrace this, the Production Possibility Frontier will ensure that not only will the South African economy become diversified, but the Production Possibility Frontier will also facilitate economic growth at a time when precious few global economies are achieving this.