Tag: misinformation

Why I Voted the Way I Did in 2024 (And Why That Should Worry All of Us)

Given SHINGANGE

I could not vote on 27 April 1994. I was not yet 18. The same thing happened again in 1999 — election day came, and once more I was underage, even though I would later vote in that year’s local government elections. Like many South Africans of my generation, my political consciousness was formed long before I was legally allowed to participate. That distance between lived politics and formal participation has never really closed — and it matters more now than it did then.

When I finally did vote in 1999, I voted for the ANC. At the time, that choice required no justification. The movement still carried moral authority, historical legitimacy, and overwhelming public trust. But what is less often acknowledged is how quickly discomfort set in afterwards. From the national elections that followed, I never again voted for the ANC — not because another party persuaded me, and not because I had disengaged from the country’s future, but because something already felt misaligned. Even then, it seemed that the story and the reality were starting to drift apart.

Around 2010, while I was living in Bloemfontein, I shared my frustration with my mentor, AZ. His response was direct and necessary: it is easy to criticise from the sidelines; eventually you have to decide whether you are prepared to get involved. I took that seriously. I attended branch meetings. I tried to engage. What I encountered, however, was a political language and culture that felt disconnected from the problems I believed we should be confronting. I walked away, not in anger, but in quiet disappointment.

My political exposure did not come only through voting. In 2008, after resigning from the SANDF, I joined Sebra, a construction financing company owned by Kobus van Loggerenberg — KvL to those who knew him. He was a progressive white Afrikaner, a former SRC president at the University of the Free State in the 1980s, and someone shaped by difficult political choices during apartheid. He was also a principled man. May his soul continue to rest in peace.

At the time, the UFS was dealing with the Reitz 4 incident, where black workers were humiliated by white students in what became a national scandal. Sebra’s shareholders decided to support non-white student formations contesting the SRC elections, and my first real task at the company was to manage the campaign funds. What I witnessed during that period was instructive: fragmented organisations — SASCO, the YCL, and the ANC Youth League — had to be pushed to work together just to stand a chance.

They did not win the SRC presidency that year. But something important shifted. For the first time, these formations believed that institutional power was not permanently closed to them. That belief mattered. The following year, in 2009, that groundwork paid off. The same collective went on to win the SRC elections, and Moses Masitha became the first black SRC president at the University of the Free State.

That outcome reinforced a lesson that has stayed with me: politics is rarely about immediate victory. It is about coordination, persistence, and understanding the environment you are operating in — especially when institutions are stacked against you.

Around the same period, AZ invited me to be part of a delegation visiting the late Ethiopian Prime Minister Meles Zenawi. The group consisted of academics and professionals selected for what they were doing and what they might still contribute. The visit was not ideological. It was about exposure — about observing how other states thought about development, power, and sovereignty. I returned home with a broader lens and a deeper unease. South Africa, to me, appeared increasingly unprepared for the kind of world it was entering.

For years after that, I remained disengaged from ANC electoral politics.

Then came 2024 — and with it, a rupture that cannot be explained through traditional political analysis.

By then, the country had effectively lost control over its information environment. Social media was no longer just a platform for expression; it had become an operational domain. Disinformation, misinformation, coordinated influence campaigns, algorithmic amplification, and deliberate cognitive manipulation were no longer abstract concepts. They were observable, measurable, and increasingly sophisticated. What concerned me was not ordinary political contestation, but the erosion of South Africa’s information sovereignty.

This was not one party out-campaigning another. It was something more corrosive: sustained efforts, amplified through digital platforms and media ecosystems, aimed at eroding trust, inflaming division, and normalising instability. Many of these narratives did not originate organically within South African society. They were engineered to exploit our fractures.

I have explored these dynamics in depth in a recent series on this blog focused specifically on influence operations. That series looks at how these campaigns are designed, how they spread through digital systems, and why societies like ours are particularly vulnerable. This article is not a repetition of that work. It is a personal reflection shaped by it.

I voted for the ANC in 2024 not because it had suddenly become virtuous, competent, or deserving of renewed loyalty. I voted defensively. “Better the devil you know” is an uncomfortable phrase, but it captures the logic. Some of the forces shaping our political environment do not care about governance, service delivery, or justice. They care about disruption. A lawless, fragmented South Africa serves interests that are not our own.

The outcome — a Government of National Unity — should not reassure us. If anything, it should alarm us. What we witnessed was a probing exercise. The gaps were identified. The vulnerabilities mapped. And the campaigns for the next electoral cycle have already begun.

This is not a message to the ANC. It is a warning to all political parties and to society at large. Influence operations do not target parties; they target populations. They exploit grievances, identities, historical wounds, and economic pain. In a hyper-connected society like ours, no political formation is immune.

Our failure is that we are still thinking in outdated terms. We celebrate connectivity but ignore content. We talk about democracy while failing to grasp algorithmic warfare. We rely on old institutional structures to confront threats that are hybrid, asymmetric, and cognitive in nature. We are trying to solve twenty-first-century problems with twentieth-century tools.

The most dangerous failure, however, is not technical — it is intellectual. We are not honest enough to admit that we are out of our depth. Influence operations and cognitive warfare are specialised domains. They demand expertise, humility, and the willingness to listen to people who understand how these systems work.

That is all that is required of us right now: honesty about our limitations, and the courage to let those who know what they are doing help us think clearly. Anything less is not neutrality. It is negligence.

Article 3: Influence Operations in South Africa – Identity, Grievance, and the Cognitive Battlespace

Given SHINGANGE

Article 1 of this series established influence operations as a defining feature of contemporary conflict, operating primarily in the cognitive domain rather than through force. Article 2 examined how digital platforms, algorithms, and fragmented media ecosystems enable these operations at scale. This third article addresses a more fundamental question: why such operations are increasingly effective in South Africa, even in the absence of clear attribution or coordinated campaigns.

Influence operations do not begin with messages or platforms; they begin with people. Specifically, they exploit how individuals understand identity, trust others, and interpret grievance. These elements constitute the cognitive battlespace. In South Africa, this battlespace has been shifting in measurable ways over the past decade, creating conditions that lower resistance to influence, polarisation, and narrative manipulation.

This article does not claim to identify or attribute specific influence operations targeting South Africa. Nor does it argue that changes in public attitudes are the direct result of coordinated campaigns. Instead, it examines the structural and psychological conditions that make influence more efficient once narratives are introduced. Influence operations rarely manufacture division; they succeed by activating and amplifying perceptions that already exist.

Identity Salience and Cognitive Fragmentation

Afrobarometer’s 2024/2025 survey data provides a credible empirical lens into South Africa’s cognitive terrain. The findings show a pronounced shift away from national identity towards ethnic identity. While most citizens still report balancing the two, one-quarter of South Africans now identify more strongly with their ethnic group than with being South African, and only a small minority prioritise national identity alone. This represents a sharp reversal from the early 2010s, when national identification peaked following the 2010 FIFA World Cup.

From an influence-operations perspective, this shift matters because national identity functions as a stabilising cognitive frame. When it weakens, audiences become more receptive to narratives that interpret politics, economics, and governance through group-based lenses. Identity does not need to be weaponised aggressively; its mere salience reduces the effort required to frame issues as exclusionary or zero-sum.

Afrobarometer data further shows that perceptions of ethnic discrimination by the state are widespread and cross-cutting. Nearly half of respondents believe their ethnic group is treated unfairly by government. In influence terms, the factual accuracy of this perception is secondary. What matters is that grievance frames already exist, are emotionally resonant, and can be activated without the introduction of false information.

Trust Erosion and the Weakening of Informal Resilience

Identity salience becomes operationally significant when combined with declining trust. Fewer than one-third of South Africans report trusting members of other ethnic groups. Low horizontal trust weakens informal social resilience mechanisms such as peer correction, cross-group dialogue, and social sanction against extreme narratives. It also increases reliance on in-group validation, which digital platforms are particularly effective at reinforcing.

At the same time, tolerance in everyday interactions remains relatively high. Most South Africans report that they would not mind living next to someone from a different ethnic group, and interethnic marriage remains broadly accepted. This apparent contradiction is critical. It suggests that the primary risk is not immediate social breakdown, but cognitive hardening: physical coexistence alongside psychological distancing. Contemporary influence operations are optimised for this condition, prioritising long-term attitudinal shifts over mobilisation or violence.

Synthesis: From Cognitive Conditions to Influence Effects

Taken together, the data points to a coherent influence-operations pathway. Rising identity salience provides the targeting variable; perceived grievance supplies emotional resonance; declining trust reduces social friction against polarising narratives; and digital platforms amplify emotionally charged content at scale. The result is not persuasion in the classical sense, but gradual normalisation of suspicion, disengagement, and interpretive closure. Influence succeeds not by convincing people of new ideas, but by narrowing how they interpret existing ones.

This synthesis is important because it clarifies that influence effectiveness in South Africa does not depend on sophisticated disinformation or foreign orchestration. It depends on the interaction between social fragmentation and an information ecosystem that rewards outrage, affirmation, and repetition.

Platforms, Amplification, and Narrative Stickiness

As discussed in Article 2, digital platforms privilege engagement over accuracy. In South Africa, media-monitoring and misinformation-reporting initiatives consistently show that polarising, identity-laden, and emotionally charged content outperforms corrective or contextual information. These dynamics do not require malicious intent. Political rhetoric, economic stress, historical grievance, and sensationalist media all feed into the same amplification loops.

This marks a departure from earlier models of information warfare. The threat is less about falsehood insertion and more about narrative dominance. Influence operations in this environment are often decentralised, opportunistic, and endogenous. Narratives are laundered across communities, reframed by local actors, and legitimised through repetition rather than authority.

Influence Without Attribution

A persistent weakness in South African discourse is the assumption that influence operations must be foreign, centralised, and provable. This assumption obscures more pervasive dynamics. As argued in Article 1, influence can be diffuse and politically ambiguous while still producing strategic effects. In South Africa, these effects may include declining confidence in democratic processes, normalisation of institutional distrust, and increased receptivity to simplistic explanations for complex governance challenges.

None of these outcomes require a single adversary. They require only a permissive cognitive environment and an information ecosystem optimised for emotional engagement.

Policy and Governance Implications

South Africa’s current security and governance frameworks are poorly aligned to these realities. Cybersecurity policy remains focused on technical infrastructure, cybercrime, and system integrity, with minimal engagement with cognitive or information-layer threats. The National Cybersecurity Policy Framework, in particular, offers little guidance on influence, narrative resilience, or societal trust as security variables.

This creates a structural blind spot. Without recognising the cognitive battlespace, responses default to reactive communication, content takedowns, or politicised blame. None address the underlying conditions identified here. Building resilience requires institutional coordination across cybersecurity, communications, education, and social policy—areas that currently operate in silos.

Conclusion

Article 1 established influence operations as a defining feature of modern conflict. Article 2 explained how digital platforms enable them. This article has shown why South Africa is particularly exposed: not primarily because of hostile actors, but because of measurable shifts in identity, trust, and grievance that weaken cognitive resilience.

The most serious influence challenge facing South Africa may therefore be internal rather than external, structural rather than tactical. Until influence is understood as a function of societal conditions rather than isolated campaigns, policy responses will remain misaligned. Influence operations succeed not when societies are divided, but when they lack the institutional and social capacity to recognise how division is being exploited.

South Africa’s Cybersecurity Failure Is Not About Policy Gaps. It Is About State Capability.

Given SHINGANGE

1. Introduction: South Africa’s Cybersecurity Problem Is Not a Knowledge Problem

South Africa does not suffer from a lack of cybersecurity knowledge, frameworks, or international guidance. It suffers from a persistent failure of execution, authority, and accountability. For more than a decade, the country has produced policies, frameworks, and institutional arrangements that acknowledge cybersecurity as a national priority. Yet cyber incidents continue to rise, critical services remain exposed, and state capacity to respond coherently remains weak.

This is not a technical problem. It is a governance problem.

The latest Guide to Developing a National Cybersecurity Strategy, 3rd Edition (2025) makes this distinction explicit. The Guide is no longer focused on helping states understand what cybersecurity is. It is focused on helping states translate intent into durable capability. In this respect, South Africa stands as a clear example of a country that has absorbed the language of cybersecurity without internalising its discipline.

More concerning is that South Africa’s cybersecurity posture remains poorly aligned with the reality of modern hybrid threats, where cyber operations, disinformation, influence campaigns, economic coercion, and institutional weakness intersect. The country continues to treat cybersecurity as a narrow ICT or compliance issue, while adversaries treat it as a tool of power, leverage, and strategic influence.

This article argues that South Africa’s cybersecurity weakness is not caused by the absence of strategy. It is caused by the inability or unwillingness of the state to convert strategy into authority, funding, skills, and enforcement.

2. What the Guide Actually Says, Not What We Prefer to Hear

The 2025 Guide is explicit in its intent. It positions national cybersecurity strategy as a living governance instrument, not a policy document to be published and forgotten. It introduces a lifecycle approach that forces states to confront uncomfortable realities, such as sustainable funding, institutional leadership, implementation sequencing, and performance measurement.

At its core, the Guide emphasises three non-negotiables:

First, clear leadership and mandate. A national cybersecurity strategy cannot succeed without a single, empowered authority that coordinates across government and society.

Second, implementation and sustainment. Strategies without funded action plans, timelines, and accountability mechanisms are meaningless.

Third, adaptability to evolving threats, including emerging technologies and hybrid threat models that blur the line between civilian, economic, and national security domains.

The 3rd Edition strengthens these points by focusing heavily on financing, monitoring, evaluation, and technological foresight. This shift is significant. It reflects a global recognition that many states no longer fail at the level of ideas, but at the level of execution.

South Africa’s problem is that it continues to behave as if drafting a strategy is the same as building capability.

3. Using the Guide as a Benchmark: Where South Africa Falls Short

When the Guide’s overarching principles are applied to South Africa, the gaps are immediate and systemic.

Clear leadership and authority

South Africa does not have a single, clearly empowered national cybersecurity authority with the political weight and operational mandate required to coordinate across government, regulators, state-owned entities, and the private sector. Responsibilities are dispersed across departments, agencies, and committees, many of which lack enforcement power.

This fragmentation violates one of the most basic principles of the Guide: cybersecurity governance requires clarity of leadership, not collaborative ambiguity.

Whole-of-government coordination

The Guide assumes that cybersecurity cuts across sectors and functions. In South Africa, coordination often exists in theory but collapses in practice. Interdepartmental processes are slow, politicised, and frequently undermined by competing mandates and budgetary silos.

Cybersecurity is discussed, but rarely prioritised when trade-offs must be made.

Risk-based prioritisation

South Africa continues to struggle with national-level cyber risk management. There is limited evidence of a continuously updated national cyber risk register that informs policy decisions, investment, or crisis preparedness. Risk assessments, where they exist, are often static and compliance-driven.

Sustainable funding and capacity

The Guide is unambiguous. Cybersecurity requires predictable, multi-year funding and sustained investment in people. South Africa’s approach remains ad hoc. Cybersecurity initiatives are launched without long-term funding commitments, resulting in fragile systems that degrade over time.

This is not a budgeting issue alone. It reflects a failure to treat cybersecurity as a strategic investment rather than a discretionary expense.

4. Lifecycle Failure in the South African Context

The Guide’s lifecycle model provides a useful diagnostic tool to understand where South Africa consistently fails.

Initiation without authority

Strategies are initiated without clearly designating a lead authority with the power to compel cooperation. Committees are created, but authority is diluted.

Stocktaking without consequence

Assessments are conducted, reports are written, and gaps are identified. Yet these findings rarely result in decisive action or structural reform.

Strategies without funding

Cybersecurity strategies are published without binding financial commitments. Action plans, if they exist, are aspirational rather than operational.

Action plans without enforcement

Implementing entities are named, but consequences for non-delivery are absent. Performance management is weak or non-existent.

Monitoring without accountability

Monitoring and evaluation processes are often procedural, producing reports that are noted rather than acted upon.

In short, South Africa moves through the motions of the lifecycle without internalising its discipline.

5. Focus Areas Applied to South Africa’s Reality

Governance

Governance remains fragmented. No central authority has the mandate or legitimacy to enforce national cybersecurity priorities across sectors. This leads to duplication, gaps, and institutional paralysis.

Critical infrastructure and essential services

Despite repeated warnings, the protection of critical infrastructure remains uneven. Cybersecurity requirements are inconsistently applied, oversight is weak, and interdependencies between sectors are poorly understood.

National cyber risk management

There is no mature, dynamic national cyber risk management framework that informs strategic decision-making. Risk insights are not systematically linked to investment or crisis planning.

Incident response and CSIRT maturity

South Africa’s incident response capability is uneven and insufficiently integrated across sectors. Information sharing remains limited, and large-scale national exercises are rare.

Skills, capacity, and awareness

The skills deficit is acute, not only at technical levels but at senior decision-making levels. Many leaders responsible for cybersecurity policy lack the expertise to understand the consequences of inaction or poor design.

Legislation and regulation

While laws exist, enforcement is inconsistent. Regulatory overlap creates confusion, while gaps remain in areas related to cyber-enabled hybrid threats.

International cooperation

South Africa participates in international forums, but domestic capacity limits its ability to translate cooperation into tangible resilience.

6. Hybrid Threats and the Blind Spot in South Africa’s Cyber Policy

One of the most serious shortcomings of South Africa’s cybersecurity posture is its failure to fully integrate hybrid threats into national cyber policy.

Cybersecurity is still treated as an ICT issue, separate from disinformation, influence operations, economic coercion, and cognitive manipulation. This separation is artificial and dangerous.

Hybrid threats exploit institutional weakness, social divisions, and governance gaps. They target trust, decision-making, and legitimacy. South Africa’s fragmented cybersecurity governance makes it particularly vulnerable to such operations.

The Guide implicitly recognises this reality through its emphasis on cross-sector coordination and technological foresight. South Africa has yet to operationalise this insight.

7. Strategic Risks of Continued Inaction

The risks of continued failure are not abstract.

Critical services remain exposed to disruption. Public trust in digital systems erodes. The state becomes increasingly vulnerable to foreign influence operations that exploit weak cyber governance. Crisis response capabilities remain inadequate during national emergencies or high-profile events.

Most importantly, cybersecurity failure undermines state credibility and sovereignty.

8. What South Africa Should Be Doing Now

South Africa does not need another strategy. It needs discipline.

First, designate a single national cybersecurity authority with clear legal and political authority.

Second, align funding with strategy through multi-year commitments embedded in national budgeting processes.

Third, establish enforceable accountability mechanisms for implementation.

Fourth, integrate cybersecurity fully into national security and hybrid threat frameworks.

Finally, invest in decision-maker capability, not only technical skills.

9. Conclusion: From Strategy Documents to State Capability

Cybersecurity is a test of governance. South Africa has repeatedly failed that test, not because it lacks guidance, but because it lacks the will and structure to act.

The 2025 Guide does not offer comfort. It offers a mirror. What South Africa sees in that mirror should be deeply unsettling.

The question is no longer whether the country understands cybersecurity. The question is whether it is prepared to govern it.