In South Africa, cybercrime has risen to the forefront as the number one risk facing businesses and organizations, surpassing issues such as load-shedding and political instability. The Allianz Risk Barometer 2025 revealed that cyber incidents, including ransomware attacks, data breaches, and IT outages, are now the top global business risk for the fourth consecutive year.
A decade ago, only 12% of global respondents considered cybercrime a major concern. However, in 2025, that number surged to 38%. “Cyber is the top risk across North and South America, Europe, and Africa, dominating industry concerns from aviation to legal services,” stated Allianz.
Two major incidents in South Africa demonstrated the serious consequences of cyber attacks. Cell C experienced a significant ransomware attack in December 2024, exposing sensitive customer data that was later leaked on the dark web. Similarly, the South African Bureau of Standards (SABS) faced a ransomware attack in November 2024, with its core systems still encrypted by February 2025, marking the third cyber attack on the organization in five years.
Herman Stroop, a lead ISO Specialist at WWISE, emphasized that both breaches could have been prevented if the organizations had been certified to ISO/IEC 27001, a globally recognized standard for information security management. This standard provides a framework for organizations to understand their vulnerabilities, assess risks, and implement controls in a structured, auditable manner.
Stroop highlighted that the absence of such a system is often due to a lack of strategic commitment from leadership. Cybersecurity is not just an IT issue but a core business risk that requires investment in preventive frameworks like ISO/IEC 27001. Additionally, poor enforcement of existing regulations, such as the Protection of Personal Information Act (POPIA) and Minimum Information Security Standards (MISS), poses a challenge in South Africa.
He emphasized that prevention is far cheaper than remediation, as organizations often face reputational damage, legal liability, and operational downtime following cyberattacks. Stroop called for mandated ISO 27001 compliance for public institutions and critical infrastructure operators to mitigate the risk of future disasters.
Despite the challenges, some insurance providers are beginning to offer premium reductions for ISO-certified organizations, and major corporate clients are now demanding ISO 27001 certification from vendors. Stroop believes that it is essential for organizations serious about protecting their data and reputation to prioritize ISO 27001 certification as a market differentiator.
Overall, the rise of cybercrime in South Africa underscores the urgent need for organizations to invest in robust information security measures and compliance with international standards to safeguard against evolving cyber threats.