Bridging South Africa’s cybersecurity investment gap: From threat anticipation to response
South African organisations face a cybersecurity investment gap, particularly between threat anticipation and response. According to Armand Kruger, Head of Cyber Security at NEC XON, businesses must shift their focus from reactive security measures to a proactive cyber resilience strategy.
“Cyber resilience is about more than just technology—it requires a well-structured approach to people, processes, and technology to withstand and recover from attacks,” says Kruger.
“Cyber threats are global and do not differ significantly between regions, but how organisations respond varies widely. That’s why our approach at NEC XON is to conduct an agnostic assessment of businesses, evaluating their entire security posture rather than focusing solely on technology.”
NEC XON assesses cybersecurity maturity across four key areas:
- Anticipate
- Prevent
- Detect
- Respond & Recover
While most providers prioritise the last three areas, cyber anticipation is what differentiates NEC XON. “We put ourselves in the shoes of the threat actor to imagine potential attack scenarios before they unfold. This forward-thinking approach enables businesses to proactively defend against threats rather than just react to them,” Kruger explains.
Shifting investment priorities
Following an assessment, NEC XON measures the maturity of each security process on a scale of five, allowing companies to prioritise investments accordingly. “If I can anticipate a threat, I can prevent it. If I can detect an attack early, I can assign the right resources to address the issue before it escalates,” says Kruger.
However, many South African organisations struggle with anticipation and response due to a lack of cybersecurity skills and expertise. “Companies often invest heavily in detection, but if response capabilities are under-resourced, the overall security posture remains weak,” he notes.
Ransomware: A case for proactive resilience
Ransomware remains one of the most pressing cybersecurity threats, and NEC XON’s four-part strategy is designed to address it comprehensively. “Ransomware is widely misunderstood. Without a strong cyber resilience strategy, the consequences of an attack can be devastating,” Kruger warns.
NEC XON has seen first-hand how businesses struggle with response. “One of our customers suffered a ransomware attack. By the time we arrived, they were already in recovery mode. We asked them why they hadn’t detected the attack before it happened. However, when we examined their system, we found they had received multiple alerts before the attack – but they didn’t have the expertise to understand what they meant. Had they responded to the first alert, they could have prevented the attack entirely.”
Moving beyond reactive security
Currently, most cybersecurity investments occur post-breach, with companies addressing known security gaps only after an attack. “The problem is that many businesses are aware of these vulnerabilities but fail to act because the associated risks are not properly articulated,” says Kruger.
The traditional reactive model is no longer sufficient in today’s threat landscape. “Cyberattacks will happen—it’s how businesses prepare and respond that determines their resilience. By strengthening anticipation and response capabilities, South African companies can close the cybersecurity investment gap and build a more robust defense against evolving threats.”
About NEC XON
NEC XON is a leading African integrator of ICT solutions and part of NEC, a Japanese global company. The holding company has operated in Africa since 1963 and delivers communications, energy, safety, security, and digital solutions. It co-creates social value through innovation to help overcome serious societal challenges. The organisation operates in 54 African countries and has a footprint in 16 of them. Regional headquarters are located in South, East, and West Africa. NEC XON is a level 1-certified broad-based black economic empowerment (B-BBEE) business.
Click here to discover more at www.nec.xon.co.za.
Loading ...