Data breaches cost SA organisations over R360m in 3 years

Some of the most damaging data breaches have cost South African organisations more than R360 million in the last three years.

This is according to PwC’s ‘Global Digital Trust Insights Survey 2025: South Africa report.  

Despite this, only 29% of South African organisations expect to increase their cyber budget by 6% to 10% in 2025, according to the latest findings in the report.

Cyber-risks

The report shows that 66% of South African organisations prioritise mitigating cyber-risks, which is higher than the global average of 57%.

This proactive stance towards cyber-risk mitigation reflects heightened vigilance and a commitment to addressing the growing threat landscape.

ALSO READ: AI emerging as ‘pivotal ally’ in fight against cybercrime

Cybersecurity landscape in Africa

Hamil Bhoora, PwC Africa Cybersecurity leader said the survey provides critical insights into the cybersecurity landscape in Africa and highlights the urgent need for robust cyber risk mitigation strategies.

“This couldn’t be more pertinent considering the rate at which cyber breaches are occurring on the African continent, and the subsequent financial impacts which have a severe knock-on effect on business continuity operations and companies’ wider stakeholders.”

The survey, which is the longest-running and largest of its kind, reflects the sentiments of 4,042 senior business executives worldwide, including 94 organisations from South Africa.

Generative AI challenges:

While Generative Artificial Intelligence (GenAI) is the most popular technology in the news right now, the report identified concerns about the emerging technology landscape.

The report showed that 47% of South African organisations face significant challenges with internal stakeholder trust in GenAI. This indicates a need for better communication, education, and trust-building measures to effectively integrate GenAI technologies into their businesses.

Cloud-related threats:

The report also showed that 47% of South African organisations expressed significant concern about cloud-related threats over the next 12 months.

“This highlights the need for robust cloud security measures to protect sensitive data and ensure business continuity,” PwC said.  “As more businesses migrate to the cloud, the focus on securing these environments becomes paramount.”

Junaid Amra, PwC South Africa Forensics Technology partner indicated that business leaders said another significant concern is the threat posed by hack-and-leak operations.

“These incidents, where sensitive information is stolen and publicly disclosed, pose a severe risk to the reputation and operational integrity of organisations.”

Awareness

Bhoora said as cyber threats evolve, South African organisations are increasingly prioritising cybersecurity defences to safeguard their digital infrastructure and maintain trust in an interconnected world.

“It is evident that South African organisations are increasingly becoming aware of the critical importance of cybersecurity and taking a proactive approach to mitigating these risks. Some of these key actions include quantifying cyber risks, enhancing cloud security, and investing in robust cybersecurity defence measures.

“By taking this approach, organisations will be well-positioned to navigate the evolving threat landscape, maintain digital trust and promote business resilience,” said Bhoora.

PwC said the survey was conducted from May to July 2024 and its findings “underscore the pressing need for enhanced cybersecurity measures as organisations navigate an increasingly complex security threat landscape.”

ALSO READ: Average cost of a data breach in SA is R53.1m – Report