Tag: influence operations

South Africa’s Cybersecurity Failure Is Not About Policy Gaps. It Is About State Capability.

1. Introduction: South Africa’s Cybersecurity Problem Is Not a Knowledge Problem

South Africa does not suffer from a lack of cybersecurity knowledge, frameworks, or international guidance. It suffers from a persistent failure of execution, authority, and accountability. For more than a decade, the country has produced policies, frameworks, and institutional arrangements that acknowledge cybersecurity as a national priority. Yet cyber incidents continue to rise, critical services remain exposed, and state capacity to respond coherently remains weak.

This is not a technical problem. It is a governance problem.

The latest Guide to Developing a National Cybersecurity Strategy, 3rd Edition (2025) makes this distinction explicit. The Guide is no longer focused on helping states understand what cybersecurity is. It is focused on helping states translate intent into durable capability. In this respect, South Africa stands as a clear example of a country that has absorbed the language of cybersecurity without internalising its discipline.

More concerning is that South Africa’s cybersecurity posture remains poorly aligned with the reality of modern hybrid threats, where cyber operations, disinformation, influence campaigns, economic coercion, and institutional weakness intersect. The country continues to treat cybersecurity as a narrow ICT or compliance issue, while adversaries treat it as a tool of power, leverage, and strategic influence.

This article argues that South Africa’s cybersecurity weakness is not caused by the absence of strategy. It is caused by the inability or unwillingness of the state to convert strategy into authority, funding, skills, and enforcement.

2. What the Guide Actually Says, Not What We Prefer to Hear

The 2025 Guide is explicit in its intent. It positions national cybersecurity strategy as a living governance instrument, not a policy document to be published and forgotten. It introduces a lifecycle approach that forces states to confront uncomfortable realities, such as sustainable funding, institutional leadership, implementation sequencing, and performance measurement.

At its core, the Guide emphasises three non-negotiables:

First, clear leadership and mandate. A national cybersecurity strategy cannot succeed without a single, empowered authority that coordinates across government and society.

Second, implementation and sustainment. Strategies without funded action plans, timelines, and accountability mechanisms are meaningless.

Third, adaptability to evolving threats, including emerging technologies and hybrid threat models that blur the line between civilian, economic, and national security domains.

The 3rd Edition strengthens these points by focusing heavily on financing, monitoring, evaluation, and technological foresight. This shift is significant. It reflects a global recognition that many states no longer fail at the level of ideas, but at the level of execution.

South Africa’s problem is that it continues to behave as if drafting a strategy is the same as building capability.

3. Using the Guide as a Benchmark: Where South Africa Falls Short

When the Guide’s overarching principles are applied to South Africa, the gaps are immediate and systemic.

Clear leadership and authority

South Africa does not have a single, clearly empowered national cybersecurity authority with the political weight and operational mandate required to coordinate across government, regulators, state-owned entities, and the private sector. Responsibilities are dispersed across departments, agencies, and committees, many of which lack enforcement power.

This fragmentation violates one of the most basic principles of the Guide: cybersecurity governance requires clarity of leadership, not collaborative ambiguity.

Whole-of-government coordination

The Guide assumes that cybersecurity cuts across sectors and functions. In South Africa, coordination often exists in theory but collapses in practice. Interdepartmental processes are slow, politicised, and frequently undermined by competing mandates and budgetary silos.

Cybersecurity is discussed, but rarely prioritised when trade-offs must be made.

Risk-based prioritisation

South Africa continues to struggle with national-level cyber risk management. There is limited evidence of a continuously updated national cyber risk register that informs policy decisions, investment, or crisis preparedness. Risk assessments, where they exist, are often static and compliance-driven.

Sustainable funding and capacity

The Guide is unambiguous. Cybersecurity requires predictable, multi-year funding and sustained investment in people. South Africa’s approach remains ad hoc. Cybersecurity initiatives are launched without long-term funding commitments, resulting in fragile systems that degrade over time.

This is not a budgeting issue alone. It reflects a failure to treat cybersecurity as a strategic investment rather than a discretionary expense.

4. Lifecycle Failure in the South African Context

The Guide’s lifecycle model provides a useful diagnostic tool to understand where South Africa consistently fails.

Initiation without authority

Strategies are initiated without clearly designating a lead authority with the power to compel cooperation. Committees are created, but authority is diluted.

Stocktaking without consequence

Assessments are conducted, reports are written, and gaps are identified. Yet these findings rarely result in decisive action or structural reform.

Strategies without funding

Cybersecurity strategies are published without binding financial commitments. Action plans, if they exist, are aspirational rather than operational.

Action plans without enforcement

Implementing entities are named, but consequences for non-delivery are absent. Performance management is weak or non-existent.

Monitoring without accountability

Monitoring and evaluation processes are often procedural, producing reports that are noted rather than acted upon.

In short, South Africa moves through the motions of the lifecycle without internalising its discipline.

5. Focus Areas Applied to South Africa’s Reality

Governance

Governance remains fragmented. No central authority has the mandate or legitimacy to enforce national cybersecurity priorities across sectors. This leads to duplication, gaps, and institutional paralysis.

Critical infrastructure and essential services

Despite repeated warnings, the protection of critical infrastructure remains uneven. Cybersecurity requirements are inconsistently applied, oversight is weak, and interdependencies between sectors are poorly understood.

National cyber risk management

There is no mature, dynamic national cyber risk management framework that informs strategic decision-making. Risk insights are not systematically linked to investment or crisis planning.

Incident response and CSIRT maturity

South Africa’s incident response capability is uneven and insufficiently integrated across sectors. Information sharing remains limited, and large-scale national exercises are rare.

Skills, capacity, and awareness

The skills deficit is acute, not only at technical levels but at senior decision-making levels. Many leaders responsible for cybersecurity policy lack the expertise to understand the consequences of inaction or poor design.

Legislation and regulation

While laws exist, enforcement is inconsistent. Regulatory overlap creates confusion, while gaps remain in areas related to cyber-enabled hybrid threats.

International cooperation

South Africa participates in international forums, but domestic capacity limits its ability to translate cooperation into tangible resilience.

6. Hybrid Threats and the Blind Spot in South Africa’s Cyber Policy

One of the most serious shortcomings of South Africa’s cybersecurity posture is its failure to fully integrate hybrid threats into national cyber policy.

Cybersecurity is still treated as an ICT issue, separate from disinformation, influence operations, economic coercion, and cognitive manipulation. This separation is artificial and dangerous.

Hybrid threats exploit institutional weakness, social divisions, and governance gaps. They target trust, decision-making, and legitimacy. South Africa’s fragmented cybersecurity governance makes it particularly vulnerable to such operations.

The Guide implicitly recognises this reality through its emphasis on cross-sector coordination and technological foresight. South Africa has yet to operationalise this insight.

7. Strategic Risks of Continued Inaction

The risks of continued failure are not abstract.

Critical services remain exposed to disruption. Public trust in digital systems erodes. The state becomes increasingly vulnerable to foreign influence operations that exploit weak cyber governance. Crisis response capabilities remain inadequate during national emergencies or high-profile events.

Most importantly, cybersecurity failure undermines state credibility and sovereignty.

8. What South Africa Should Be Doing Now

South Africa does not need another strategy. It needs discipline.

First, designate a single national cybersecurity authority with clear legal and political authority.

Second, align funding with strategy through multi-year commitments embedded in national budgeting processes.

Third, establish enforceable accountability mechanisms for implementation.

Fourth, integrate cybersecurity fully into national security and hybrid threat frameworks.

Finally, invest in decision-maker capability, not only technical skills.

9. Conclusion: From Strategy Documents to State Capability

Cybersecurity is a test of governance. South Africa has repeatedly failed that test, not because it lacks guidance, but because it lacks the will and structure to act.

The 2025 Guide does not offer comfort. It offers a mirror. What South Africa sees in that mirror should be deeply unsettling.

The question is no longer whether the country understands cybersecurity. The question is whether it is prepared to govern it.

The Looming Shadow of Cognitive Warfare: A Potential Threat to the 2024 South African Elections

Cognitive warfare is not only an attack on what we think. It is an attack on our way of thinking (Zac Rogers)

Introduction

South Africa’s 2024 elections loom large, not just as a contest for political power but as a potential battleground for a new, insidious form of warfare: cyber-cognitive warfare. Fueled by rising internet penetration and social media’s pervasive influence, this new battlefield threatens to weaponise misinformation and manipulate minds. This paper explores how rapid internet penetration, the ubiquity of social media, and the vulnerabilities they expose make South Africa’s population susceptible to manipulation through online information operations. To safeguard the integrity of democracy, we must dissect the arsenal of digital manipulation and prepare defences before the lines are drawn.

Defining the Battlefield: Cognitive Warfare

The Shifting Landscape of Warfare: Warfare has undergone a dramatic transformation in recent decades. We’ve moved beyond the physical battlefields of conventional war, entering an era defined by social and ideological threats. Think beyond tanks and bombs – imagine manipulation through mass media and sophisticated technologies.

A New Breed of War: Enter Cognitive Warfare: – This new type of conflict, dubbed “cognitive warfare,” is unlike anything we’ve faced before. While it draws elements from kinetic warfare and hybrid warfare, its reach and impact are far more sinister. Instead of fighting for physical territory, cognitive warfare focuses on controlling or altering how people process information. It’s essentially manipulating minds to achieve strategic goals.

Understanding Cognitive Warfare: Definitions vary, but the essence of cognitive warfare lies in using technology to influence, exploit, and ultimately, control human cognition. This manipulation often happens without the target’s awareness, making it even more insidious. It’s a silent battlefield where the enemy is your own mind.

The Goals of Cognitive Warfare: Destabilization and influence are the primary objectives. Sowing discord within societies, shaping beliefs, swaying public opinion, influencing political outcomes, creating social unrest and instability, eroding trust in institutions and governments and influencing actions are all part of the game. Imagine enemies subtly manipulating public opinion to weaken governments or trigger internal social unrest.

The arsenal of cyber-cognitive warfare is diverse. Misinformation, deliberate falsehoods spread to mislead, and disinformation, manipulated or fabricated information used to sow discord, are potent weapons. Cyber-enabled information operations and coordinated campaigns to disseminate these narratives through social media, online forums, and seemingly legitimate news outlets amplify their impact.

Not Just What We Think, But How We Think: Cognitive warfare isn’t just about attacking our thoughts, it’s about hijacking our entire thinking process. This means exploiting our mental biases, triggering emotional responses, and ultimately, guiding our actions to serve the attacker’s agenda.

Vulnerability in the Digital Age: South Africa’s Susceptible Landscape

South Africa’s rapidly growing internet penetration and social media usage create a fertile ground for cognitive warfare. According to Statista, internet penetration in South Africa is expected to reach 64.7% by 2024, and mobile data subscriptions exceeding 45 million create a fertile ground for cyber-cognitive warfare. Social media platforms like Facebook, Twitter, and WhatsApp significantly sway public discourse. The new kid on the block is TikTok, which is growing exponentially in terms of users. The difference between TikTok and the other social media platforms is that companies in the West do not own it, and it is seen as pushing the agenda of the Chinese government. This increased online engagement and a complex socio-economic landscape make the population susceptible to manipulation.

Existing societal vulnerabilities exacerbate this exposure. Socio-economic inequalities, political polarisation, and ethnic tensions provide fertile ground for divisive narratives to take root. The 2014 “Fees Must Fall” protests, the recent xenophobic attacks, and the July 2021 social unrest highlight how online misinformation can ignite real-world consequences.

South Africa’s susceptibility to the vulnerabilities of the digital age stems from a complex interplay of factors, ranging from infrastructure gaps and digital literacy deficiencies to regulatory limitations and evolving cyber threats.

Global Precedents: Learning from Past Battles

South Africa is not alone in facing the perils of cyber-cognitive warfare. The 2016 US elections stand as a stark reminder of its potential: Cambridge Analytica’s targeted micro-advertising and weaponised personal data exposed the vulnerability of democratic processes to online manipulation.

Closer to home, the Bell Pottinger scandal showcased how disinformation campaigns can be used to sow racial division and destabilise governments. Similar tactics have been deployed in elections across the globe, from Kenya to the Philippines, demonstrating the widespread application of cyber-cognitive warfare.

Cyber as a Modern Battlefield: Beyond Information Warfare

Cyber-cognitive warfare extends beyond manipulating public opinion. In recent conflicts, like the Ukraine-Russia war and the Israel-Palestine clashes, cyberattacks have targeted critical infrastructure, disrupting power grids and communication networks. These attacks aim to sow panic, cripple vital services, and undermine public trust in authorities.

The Battlefield: Cyber, Information, and Cognitive Warfare

Before delving deeper, it’s crucial to differentiate the various domains of warfare relevant to this discussion. Cyber warfare involves attacks on computer networks and infrastructure. Information warfare focuses on manipulating the information landscape through propaganda and misinformation. Psychological warfare aims to weaken an opponent’s morale and resolve.

Cognitive warfare takes the manipulation game a step further. It seeks to influence the target’s cognitive processes, including perception, memory, and reasoning, through targeted disinformation, emotional manipulation, and social engineering techniques. As François du Cluzel posits, it’s “an attack on truth and thought” to undermine free will and shape desired behaviours.

Preparing for the 2024 Battle: Building Defences and Fostering Resilience

The 2024 elections necessitate a multi-pronged approach to counter cyber-cognitive warfare. Media literacy initiatives to equip citizens with critical thinking skills and the ability to discern misinformation are crucial. Regulatory frameworks to hold social media platforms accountable for curbing the spread of harmful content are equally important.

Furthermore, fostering open and transparent dialogue across political and social divides can weaken the appeal of divisive narratives. The South African government, civil society organisations, and tech companies must work together to build resilience against cyber-cognitive attacks and safeguard the integrity of the 2024 elections.

Conclusion: Protecting Democracy in the Digital Age

Cyber-cognitive warfare is not a distant threat but a reality with immediate consequences. South Africa’s 2024 elections offer a critical test of the nation’s resilience against this emerging form of warfare. By acknowledging the vulnerabilities, learning from past examples, and building collective defences, South Africa can navigate the complex digital landscape and ensure that its democracy emerges more robust in the face of these new challenges.

The 2024 South African elections are critical in the nation’s history. The potential for cyber-enabled influence campaigns, particularly those employing cognitive warfare tactics, cannot be ignored. By understanding the threat landscape, equipping the populace with critical thinking skills, and promoting responsible online practices, South Africa can safeguard its democratic processes and ensure that informed citizens, not manipulated minds, decide the upcoming elections.