City of Johannesburg breach due to too few 'deep' cybersecurity experts

Steven Sidley says SA enterprises with on-premise server rooms and data centres are sitting ducks.

On Thursday night, the City of Joburg announced a breach of its network, which IT expert Steven Sidley accredits to the lack of ‘deep’ cybersecurity experts in South Africa. 

The City of Joburg said in a tweet that it had detected a network breach which resulted in unauthorised access to its information systems. The tweet read: 

“The incident is currently being investigated by City of Joburg cybersecurity experts, who have taken immediate and appropriate action to reinforce security measures to mitigate any potential impacts. As a result, several customer-facing systems including the City’s website, e-services and billing systems, have been shut down.”

Bridge Capital Future Advisory director Steven, who has over 30 years experience in IT and technology including having held the CTO role for Anglo American and Altech, said in the absence of ‘deep’ cybersecurity experts in South Africa, “most of the other ‘experts’ can be stomped on very quickly by serious hackers. 

“I took an online white-hat hacking course from Coursera and can break into most enterprises after only three months of study,” he said. 
Steven added that South African enterprises with their own on-premise server rooms and data centres are sitting ducks, concluding that one of the solutions would be to “host the servers behind a seriously secure cloud like Amazon, but corporate hubris (and POPI in some circumstances) prevents this”.