SA fails to make data breaches public - expert

Computer. (Duncan Alfreds, Fin24)
Computer. (Duncan Alfreds, Fin24)

Cape Town – Just five data breaches were registered in South Africa in 2015 but this figure may not show the whole picture, says digital security services company Gemalto.

The company has released its Breach Level Index which shows that, globally, 3.6 billion data records have been exposed since 2013.

These data breaches are focused on gaining access to personal information that can be sold illicitly for financial gain, said the company.

While SA registered just five attacks last year, Gemalto said that the number of attacks do not always relate to the number of personal records exposed.

READ: Ashley Madison hack a lesson for SA firms

“Despite cyber crime growing around the world and in Africa, the number of attacks in South Africa is still very low compared to the rest of the world," Neil Cosser, identity and data protection manager for Africa at Gemalto, told Fin24.

"This doesn’t mean that we aren’t a target for hackers, but simply that very few data breaches are made public and can therefore be quantified in the Breach Level Index,” said Cosser.

South Korea, for example, had three breaches that exposed 43 million records, according to Gemalto. 

But Cosser argued that until legislation compelled South African organisations to make data breaches public, the perception would continue that the country is insulated from hackers.

“Because breaches can have high impact on brand reputation, many companies are still tempted not to disclose these as they are not legally required to," said Cosser.

“Based on the above, the need for greater regulation in South Africa has never been clearer – as per trends being seen in the rest of the world,” Cosser added.

Companies in SA that do get hacked risk being unaware of it. Just 38% of South African companies have organisational measures in place to prevent unauthorised data loss, according to information security company Trustwave.

Meanwhile, another information security firm Wolfpack Risk has estimated that the loss to cyber crime in SA stands at R2.5bn during 2012/2013 financial year.

“The danger of the digital world is that attacks or data theft can happen unnoticed. Cyber attacks are getting more and more sophisticated and it can often take a few years for a company to realise it has been hacked,” said Cosser.

- Follow Duncan on Twitter

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot