From Europe to South Africa: Where Is the World on Cyber Defense?
When global technology leaders take a step back and look at the various cyber attacks, technology risks and their overall cybersecurity situation, there are many similarities — no matter where you turn internationally.
Next week, this “Lohrmann on Cybersecurity” blog will examine the top stories from the USA in our annual cyber review for 2024, along with many related themes surrounding other “runner-up” cybersecurity stories.
But before we get there, I want to take a look at two new international reports and their implications for the future of cybersecurity.
The two reports come from the European Union and from South Africa, and both provide excellent snapshots of the current cybersecurity situations in their regions with global implications.
EU’S FIRST-EVER STATE OF CYBERSECURITY REPORT
As described in a Dec. 3, 2024, press release from the European Union Agency for Cybersecurity (ENISA), “this report is the result of extensive consultation with all 27 EU Member States and the European Commission.”
The full report can be downloaded here in PDF format.
The purpose of the report is to provide policymakers at the EU level with an evidence-based overview of the state of play of the cybersecurity landscape and capabilities at the EU, national and societal levels, as well as with policy recommendations to address identified shortcomings and increase the level of cybersecurity across the Union.
Here is the report outline:
“1. CYBERSECURITY LANDSCAPE IN THE UNION
1.1 LEGISLATIVE CONTEXT
1.2 UNION-LEVEL RISK ASSESSMENT
1.3 EU CYBERTHREAT LANDSCAPE
“2. CYBERSECURITY CAPABILITIES AT THE UNION LEVEL
2.1 HIGH-LEVEL FINDINGS
2.2 NATIONAL CAPABILITIES: ALIGNMENT OF NATIONAL CYBERSECURITY STRATEGIES
2.3 PRIVATE SECTOR CAPABILITIES: CYBERSECURITY CAPABILITIES OF CRITICAL SECTORS
2.4 SOCIETAL CAPABILITIES: CYBERSECURITY AWARENESS AND CYBER-HYGIENE OF EU CITIZENS
“3. INCREASING THE LEVEL OF CYBERSECURITY
“3.1 POLICY IMPLEMENTATION
3.1.1 Implementing a comprehensive and complementary cybersecurity policy framework
3.1.2 Identification and Supervision
3.1.3 Cybersecurity risk management measures
3.1.4 Information sharing and reporting obligations: institutional framework and practice
“3.2 CYBER CRISIS MANAGEMENT
3.2.1 Situational awareness
3.2.2 National CSIRTs
3.2.3 National capabilities: Cyber-exercises
“3.3 CYBERSECURITY SKILLS
3.4 SUPPLY CHAIN SECURITY
3.4.1 Vulnerability handling and disclosure
“4. LOOKING AHEAD”
And most important, here are the high-level recommendations and key outcomes that came from the report:
“The key outcome of the report are six policy recommendations, covering the four priority areas above and, additionally, the capabilities of critical sector operators and cybersecurity awareness and cyber hygiene.
- Strengthening the technical and financial support given to European Union Institution, Bodies and Agencies (EUIBAs) and national competent authorities and to entities falling within the scope of the NIS2 Directive to ensure a harmonised, comprehensive, timely and coherent implementation of the evolving EU cybersecurity policy framework using already existing structures at EU level such as the NIS Cooperation Group, CSIRTs Network and EU Agencies.
- As called upon by the Council, revising the EU Blueprint for coordinated response to large-scale cyber incidents, while taking into account all the latest EU cybersecurity policy developments. The revised EU Blueprint should further promote EU cybersecurity harmonisation and optimisation, as well as strengthen both national and EU cybersecurity capabilities for levelled up cybersecurity resilience at national and European level.
- Strengthening the EU cyber workforce by implementing the Cybersecurity Skills Academy and in particular by establishing a common EU approach to cybersecurity training, identifying future skills needs, developing a coordinated EU approach to stakeholders’ involvement to address the skills gap and setting up a European attestation scheme for cybersecurity skills.
- Addressing supply chain security in the EU by stepping up EU wide coordinated risk assessments and the development of an EU horizontal policy framework for supply chain security aimed at addressing the cybersecurity challenges faced both by the public and the private sectors.
- Enhancing the understanding of sectorial specificities and needs, improving the level of cybersecurity maturity of sectors covered by the NIS2 Directive and using the future Cybersecurity Emergency Mechanism to be established under the Cyber Solidarity Act for sectorial preparedness and resilience with a focus on weak or sensitive sectors and risks identified through EU-wide risk assessments.
- Promote a unified approach by building on existing policy initiatives and by harmonising national efforts to achieve a common high-level of cybersecurity awareness and cyber hygiene among professionals and citizens, irrespective of demographic characteristics.”
THE CYBERSECURITY REPORT FROM SOUTH AFRICA
While I was reading an early December 2024 article from South Africa entitled “GenAI poses looming worldwide cyber security risk,” I learned about an excellent report entitled Cybersecurity as an Imperative for Growth from Vodacom Business, in partnership with Omdia.
The report is full of statistics and survey results from leading businesses in Africa, and I highly recommend taking a look. Here’s an excerpt:
“The report reveals that eight out of 10 surveyed South African businesses said they experienced a cyber attack in the past year, with only 32 percent of organisations saying cyber security training is prioritised among employees.
“The cost of these attacks on businesses in SA is estimated at R2.2 billion annually, according to the South African Banking Risk Information Centre and the CSIR.
“‘Just as the cloud, IOT technologies and mobile networks have empowered businesses, cyber security needs to be seen as an important enabler for growth,’ explained Videsha Proothveerajh, director of Vodacom Business.
“The report further shows that 36 percent of companies are confident they can prevent a ransomware attack without significant operational disruption.
“In addition, Omdia’s 2024 Cyber Security Decision-Maker Survey found that 41 percent of organisations globally said ransomware is in their top three security challenges. For businesses that operate in the public, health and finance sectors, ransomware attacks are some of the most prevalent.
“‘By prioritising cyber security, businesses can protect their reputation, maintain customer trust and ensure operational continuity,’ said Proothveerajh.”
The report outline is as follows:
“What’s the problem?
“1.1 The scale of cyber-attacks facing South African organisations
“2.0 How to think about cybersecurity
2.1 Cybersecurity as a pillar of digital resilience
2.2 The unchanging nature of the threat
2.3 Regulation aims to drive enhanced cybersecurity in organisations
“3.0 Understanding the threat
“3.1 How cyber attackers exploit vulnerabilities
3.2 Ransomware: A growing threat in the digital economy
3.3 Supply chain attack
3.4 Distributed Denial of Service (DDoS) attack
3.5 Phishing attack
3.6 Critical National Infrastructure (CNI) attack
3.7 Next-generation threats: Navigating the future of digital defence
“4.0 Understanding what cybersecurity affects
“4.1 The scope of cybersecurity in an organisation and beyond
4.2 The core tenets of cybersecurity
4.3 Cybersecurity as the backbone of resilient digital innovation
4.4 Cybersecurity as a business enabler: Measuring ROI and long-term value
“5.0 What organisations need to do
5.1 Know your vulnerabilities
5.2 Review your cybersecurity controls: People, process and technology
5.3 Evaluate and prioritise your data and systems
5.4 Protecting PII from exposure
5.5 Conduct regular security assessments and audits
5.6 Commit to proactive cybersecurity engagement
5.7 Leverage automation and advanced tools
5.8 Avoid pitfalls of going it alone
Conclusion”
FINAL THOUGHTS
I always enjoy comparing international reports to the white papers and best practice reports in the USA. While there are often many similarities, they also use different words and focus on slightly different themes.
In the case of these reports, it is clear that cyber attacks are increasing globally in ways that are making cybersecurity an even higher priority as we head into 2025.
Next week — the cyber year in review, with top stories from 2024.