Nearly three-quarters of C-suite executives in South Africa believe that cyber risks will grow substantially in the next few years as businesses harness new digital technologies to become more connected, intelligent and autonomous, according to new research from Accenture.
The study of over 1,400 C-suite executives worldwide, including over a hundred from South Africa, highlights that new technologies will 'raise cyber risk' if the gap between the new risks that companies take on and their cybersecurity strength widens.
The survey finds that close to 90% of executives in South Africa are looking to, or have already, adopted new digital technologies like the cloud and IOT.
Yusof Seedat, head of global geographies for Accenture Research, said, "The fast adoption of new technologies may be all the rage, but it comes with significant risks if companies do not update the way they plan and execute cybersecurity. For example, 92% of companies in South Africa base their cybersecurity investments solely on today's known risks and cybersecurity needs, and do not consider future business needs in the investment plan."
Additionally, the survey finds that a higher proportion of SA executives (85% vs. 77% for global executives) cite IOT as a potential source of cyber risk.
This technology is set to grow exponentially as it will allow companies to, among others, control factory machines and manage physical environments, according to Accenture.
Notably, more than 85% of South African executives point to cybersecurity concerns regarding artificial intelligence (AI), making it the riskiest new technology in their view.
"The same AI technology that enables banks, for instance, to create sophisticated profiles of individual consumers to customise loan offers can also be used by hackers to track consumers' online activity to steal account passwords," said Seedat.
Given the intersection of AI, machine learning and big data within businesses, Seedat added companies will need to address both security and privacy risks.
Top executives in South Africa are highly concerned about the potential dangers of sharing data with third parties, the company stated.
In the survey, nearly 60% of respondents said they expect data exchanges with strategic partners and other third parties to raise cyber risk, and 90% of C-suite leaders anticipate that the number of third parties and strategic partners in their ecosystems will increase in the next three years.
Only 29% of chief information security officer's (CISOs) in South Africa - fewer than the low 40% at global level - said establishing or expanding an insider threat program is a high priority.
It is imperative businesses close the gap between risk and protection, with the survey data exposing a consistent pattern of gaps between the awareness of growing risks and the protection afforded by current cybersecurity strategies.
With more businesses relying on application programming interfaces (APIs), for instance, almost two-thirds (64%) of South African respondents say it will increase cyber risk. However, only 20% said that open API technology is protected by their cybersecurity strategy - indicating a wide gap of 44 percentage points between awareness of risks and their protection.
In South Africa, wide gaps are also found in smart products and customer data, and the BYOD/virtual work environment.