Cybersecurity may be fortified by technology, but the human element remains the weakest link. As South Africa faces escalating cyber threats, understanding the true origin of vulnerabilities could make all the difference. Find out how employees can help fortify their organisations against cyber risks.
As cyber-attacks evolve to become more sophisticated and personalised, the most significant vulnerability resides not in technology but in human behaviour. Craig Freer, director of managed services provider Qwerti, emphasises that businesses now face a challenge that goes beyond protecting servers and firewalls; the new frontline in cybersecurity is the people behind the screens.
“Cybercriminals have shifted the attack vector to your employees, not your systems,” Freer explains. “They’ve realised humans are the easiest way in.” The statistics are alarming: around 88% of all cyberattacks are either directly or indirectly linked to human error. In South Africa, the financial repercussions of data breaches can soar to an average of R44.2 million per incident, as reported by IBM’s 2024 Cost of a Data Breach Report, which also noted the global average breach cost at a staggering US $4.88 million.
Among the most prevalent forms of cyber threats is phishing, a tactic that has become increasingly difficult to detect. Attackers skillfully gather information about their targets using social media profiles and other online resources. Freer illustrates this point: “They might know you play golf or follow a particular news site. Then they send a fake breaking-news link or a spoofed email from a supplier. All it takes is one click.”
The strategies employed by cybercriminals are evolving as rapidly as the security measures designed to thwart them. Business Email Compromise (BEC) is particularly notable; it involves attackers either gaining control over or impersonating authentic business email accounts to deceive victims into unwittingly sharing sensitive data or funds. The FBI’s Internet Crime Report indicates that in 2024, BEC scams resulted in reported losses exceeding US $2.77 billion.
Despite the advancements in security technology—including antivirus software, endpoint detection and response (EDR), email scanning, and multifactor authentication—Freer warns that these systems can still fail if an employee unknowingly clicks on a malicious link or opens a dangerous attachment. “Security systems are getting stronger, but criminals are adapting faster,” he cautions. “Technology can detect, filter and monitor, but it can’t stop human curiosity or carelessness.”
Adding another layer of complexity to the situation, cybercriminals are now utilising artificial intelligence to enhance the authenticity of their phishing attempts. Advanced techniques, such as deepfake voices and hyper-personalised messages, are making attacks appear more credible than ever. “It’s no longer the obvious fake emails,” asserts Freer. “These are messages that sound and look perfectly legitimate.”
To counter the threat, Freer advocates for a proactive approach that transforms employees into active participants in the security framework. Ongoing awareness training and regular simulated phishing campaigns are particularly effective. These measures involve sending fake scam emails to test employee responses to potential threats. “If someone clicks the link, they’re immediately enrolled in cybersecurity training,” Freer notes. This method has proven instrumental in enhancing awareness and identifying vulnerable users, thereby reducing breach risks and fostering a culture of vigilance within organisations.
Regular phishing simulations, coupled with targeted education, have been shown to significantly decrease breach rates and improve response times in the event of an incident. Freer stresses that this ‘human firewall’ training should be reinforced through company policies and a strong organisational culture. “Cyber awareness should be in the employee handbook. Everyone needs to know it’s part of the job.”
The consequences of neglecting human error are dire. Freer illustrates the potential fallout: “Imagine half your customers pay their invoices into a fraudster’s bank account. What happens to your business?” The long-term impact of a data breach encompasses not only financial losses but also significant damage to reputation and consumer trust. In South Africa, phishing remains a leading cyber threat, and companies often take months to identify and contain breaches.
Freer concludes that today’s cybersecurity landscape relies on continuous vigilance and education rather than one-off solutions. Managed security teams play an essential role in monitoring systems for emerging threats, addressing vulnerabilities in real-time, and keeping employees informed and alert. In an environment where a single careless click can result in catastrophic financial implications, building a resilient human firewall has become indispensable to safeguarding business operations.
BUSINESS REPORT