Cyber breaches hit SA economy

by SAVIOUS KWINIKA 
JOHANNESBURG – SOUTH Africa’s growing number of data breaches could be costing the economy as much as R141.96 billion a year – equivalent to around 1.81% of the country’s gross domestic product (GDP) – according to new analysis by managed ICT services provider Cube ICT Solutions.

The company based its estimate on figures from the IBM *Cost of a Data Breach Report 2025*, which places the average cost of a data breach in South Africa at R44.1 million.

Combined with the 3,219 data breaches reported to the Information Regulator during the 2025/26 reporting period, the potential economic impact amounts to almost R142 billion.

With South Africa’s GDP most recently estimated at R7.86 trillion by Statistics South Africa, Cube ICT Solutions argues that the cumulative cost of cyber incidents represents a significant drag on economic performance.

Adriaan Venter, CEO of Cube ICT Solutions, said it is a mistake to view expenditure on responding to cyber incidents as a positive economic contribution.

“Thinking that paying a cybersecurity firm to fix a data breach creates income for that firm is false logic,” he said. “Resources spent on remedying breaches are costs, not wealth-creating economic activity.”

According to Venter, every rand spent recovering from a breach is money that could otherwise have been invested in productive assets or business growth.

“The result is that the economy is potentially smaller than it would have been if the finite resources used to remedy breaches had instead been directed towards wealth-creating investment, such as capital equipment,” he said.

Beyond the immediate financial burden of investigating incidents, restoring systems, hiring specialist expertise and compensating affected customers, data breaches can have lasting consequences for organisations.

Reputational damage, lost customer confidence and client churn can all undermine long-term growth and competitiveness.

Cube ICT Solutions estimates that South Africa experiences an average of 268 reported data breaches every month, many of which stem from preventable human errors, including unsecured databases, incorrectly addressed emails and lost or stolen work devices.

Venter believes this presents one of the country’s greatest opportunities to strengthen its cyber resilience.

“With basic information security awareness training, South Africa can significantly reduce risk over a relatively short period,” he said.

“Millions of employees could become an effective national ‘human firewall’, capable of recognising and reporting cyber threats while adopting practices that reduce the likelihood of data-related incidents.”

He added that improving employee awareness addresses the root causes of many security breaches rather than simply dealing with their consequences.

“Educating employees on cybersecurity fundamentals is a critical first step in preventing data breaches. If organisations get that right, the wider economy stands to benefit.”

While businesses carry primary responsibility for protecting customer information, consumers can also take steps to reduce their personal exposure following a breach.

These include enabling real-time banking notifications, monitoring financial accounts for suspicious activity and updating passwords and other security measures whenever prompted by legitimate organisations.

– CAJ News

Leave a reply

Previous Post

Next Post

Loading Next Post...
Follow
Sidebar Search
Popular Now
Loading

Signing-in 3 seconds...

Signing-up 3 seconds...