By: Graham Brown - Country Manager for South Africa/SADC at Commvault

As governments around the world face increasingly sophisticated cyber threats, the need for robust cyber resilience is more urgent than ever. In South Africa, the public sector has become a prime target for cybercriminals, with an alarming 3,312 ransomware attacks recorded each week. This underscores the critical importance of strengthening cyber defences to safeguard sensitive data and ensure the uninterrupted delivery of essential services.

The challenges are not insignificant. Government entities often rely on basic antivirus solutions that, while helpful, are no longer sufficient to defend against modern cyberattacks. As threat actors become more sophisticated, utilising AI-driven tools to orchestrate attacks, the public sector is finding itself increasingly vulnerable. However, with the right approach and technology, government institutions can overcome these challenges and significantly enhance their cyber resilience.

The evolving threat landscape

The expansion of the attack surface is a key factor behind the growing number of cyberattacks. As more government functions move to the cloud and hybrid cloud environments, the potential for entry points increases. Simple errors like poor configuration or reliance on legacy systems can provide cybercriminals with a foothold. Many government agencies are still using outdated security methods, such as relying solely on firewalls or signature-based detection, which simply cannot keep pace with the speed and complexity of today’s cyber threats.

While the situation may seem daunting, it is important to recognise that the right technologies can make a significant difference. The adoption of advanced solutions such as cleanroom technology and hybrid cloud can help mitigate risks and provide a pathway to a more secure, resilient future.

Adapting to new challenges 

One of the critical areas where public sector institutions can improve is in their response to cyber threats. Traditionally, public sector institutions have operated in a reactive manner, responding to incidents after the fact. However, to be truly cyber-resilient, governments need to adopt proactive measures that enable them to detect threats early and respond swiftly.

Cleanroom technology is one such innovative solution. In the event of a breach, it ensures that the environment used for data recovery has not been compromised. In many cases, when systems are affected by a cyberattack, the recovery process can be prolonged as organisations struggle to identify which systems have been affected. Cleanroom technology ensures that when data is recovered, it is done so in an environment that is guaranteed to be secure, providing governments with the confidence they need to restore operations without fear of further compromise.

Equally important is the use of hybrid cloud solutions, which offer flexibility and scalability while maintaining control over sensitive data. By combining public and private cloud infrastructures, governments can meet the need for operational efficiency while ensuring that their most sensitive data remains secure. Hybrid cloud solutions allow scalability of operations without the need for substantial upfront capital investment, making them an appealing option for institutions working within tight budgets.

Addressing financial and skills constraints

The financial impact of cyber incidents on the public sector is significant, with each breach costing an average of R49 million. Budget constraints, coupled with a shortage of skilled cybersecurity professionals, make it challenging for governments to adopt and implement the necessary security measures. However, there are ways to address these constraints.

One solution is to shift from capital expenditure to operational expenditure by adopting cloud-based platforms that provide both flexibility and scalability. These platforms can reduce the need for large upfront investments, enabling governments to allocate resources more efficiently. Furthermore, by outsourcing certain cybersecurity functions or collaborating with third-party providers, governments can access the expertise they need without the burden of hiring large teams of specialists.

Embracing compliance and future-proofing cyber resilience

Looking ahead, the upcoming Joint Standard on Cybersecurity and Cyber Resilience, which takes effect in June 2025, will impose new compliance requirements on public sector institutions. While this may seem like an additional challenge, it also provides an opportunity for governments to align their cybersecurity practices with industry standards, improving resilience and ensuring that they are better prepared to face future threats.

Complying with the standard will require governments to adopt minimum cybersecurity standards, including robust risk management, incident response, and data protection protocols. For institutions already grappling with existing vulnerabilities, this will provide a structured framework to help them build resilience.

Technology as a tool for resilience

The road ahead for the public sector is undoubtedly challenging. However, with the right technology and a proactive approach, governments can significantly improve their cyber resilience. Innovations like cleanroom technology, hybrid cloud solutions, and intelligent detection tools will help public institutions protect their data, enhance their response capabilities, and minimise the financial impact of cyberattacks.

By addressing the evolving threat landscape with innovative technologies and a focus on proactive, strategic resilience, the public sector can not only safeguard itself against cyber threats but also ensure that essential services continue uninterrupted. The future of cyber resilience lies in collaboration, smart investment, and embracing new technologies that can provide a robust defence against the increasingly sophisticated tactics of cybercriminals.