{"id":51690,"date":"2026-03-05T05:01:18","date_gmt":"2026-03-05T05:01:18","guid":{"rendered":"https:\/\/eduzim.co.zw\/news\/?p=51690"},"modified":"2026-03-05T05:01:18","modified_gmt":"2026-03-05T05:01:18","slug":"278598","status":"publish","type":"post","link":"https:\/\/eduzim.co.zw\/news\/2026\/03\/05\/278598\/","title":{"rendered":"Malicious insider threats surging in South Africa, new study finds"},"content":{"rendered":"<p> <script data-jetpack-boost=\"ignore\" async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1669381584671856\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Africa tv video display -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-1669381584671856\"\r\n     data-ad-slot=\"3579572842\"\r\n     data-ad-format=\"auto\"\r\n     data-full-width-responsive=\"true\"><\/ins>\r\n<script data-jetpack-boost=\"ignore\">\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<\/p>\n<div>\n<p><img data-recalc-dims=\"1\" fetchpriority=\"high\" decoding=\"async\" class=\"alignnone wp-image-278599 size-full\" src=\"https:\/\/i0.wp.com\/eduzim.co.zw\/news\/wp-content\/uploads\/2026\/03\/Malicious-insider-threats-surging-in-South-Africa-new-study-finds.jpg?resize=640%2C341&#038;ssl=1\" alt=\" Malicious insider threats surging in South Africa, new study finds - Mimecast\" width=\"640\" height=\"341\" srcset=\"https:\/\/eduzim.co.zw\/news\/wp-content\/uploads\/2026\/03\/Malicious-insider-threats-surging-in-South-Africa-new-study-finds.jpg 1500w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/03\/threat-actor-hacker-1500-800-300x160.jpg 300w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/03\/threat-actor-hacker-1500-800-1024x546.jpg 1024w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/03\/threat-actor-hacker-1500-800-768x410.jpg 768w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/03\/threat-actor-hacker-1500-800-150x80.jpg 150w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/03\/threat-actor-hacker-1500-800-450x240.jpg 450w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/03\/threat-actor-hacker-1500-800-1200x640.jpg 1200w\" sizes=\"(max-width: 1500px) 100vw, 1500px\"\/><\/p>\n<p><strong>South African organisations<\/strong> are reporting higher rates of malicious insider activity than the global average, with nearly half saying deliberate data theft by employees has increased over the past year, according to Mimecast\u2019s latest State of Human Risk Report.<\/p>\n<p>The annual study, which surveyed 2 500 IT security and IT decision-makers across nine countries \u2014 including 200 in South Africa \u2014 found that 46% of local respondents reported a rise in malicious insider incidents. That compares with a global average of 42%, which itself represents a sharp jump from 33% two years ago.<\/p>\n<p>The trend isn\u2019t only limited to global organisations. In South Africa, organisations also reported a rise in malicious insider activity over the past year (46%) \u2014 matching, for the first time, those experiencing increases in accidental or negligent incidents (46%).<\/p>\n<aside class=\"modern-quote pull alignright\">Just 28% of organisations combine regular security awareness training with continuous monitoring<\/aside>\n<p>Heino Gevers, senior director of technical support at Mimecast, told TechCentral in an interview that South African organisations are \u201ccertainly not prepared\u201d to deal with the expanding attack surface driven by the widespread adoption of collaboration and generative AI tools.<\/p>\n<p>\u201cFrom a South African perspective, a lot of the respondents have highlighted that they are certainly not prepared to deal with the expansion in what we like to call the attack surface explosion,\u201d said Gevers.<\/p>\n<p>While traditional insider threats involve the theft of financial records or trade secrets, Gevers warned that the theft of AI models represents an emerging and poorly understood risk \u2014 particularly as South African companies move their AI strategies from pilot to production.<\/p>\n<h2>AI threat<\/h2>\n<p>An AI model, he explained, distils far more than raw data. It encapsulates a company\u2019s intellectual property, strategy and competitive advantage in a form that is immediately usable by a competitor or bad actor. Yet most organisations lack the tools to detect when models are being exfiltrated.<\/p>\n<p>\u201cIt\u2019s a new type of threat. AI models incorporate such meaningful information \u2014 it\u2019s outside of the normal data theft,\u201d said Gevers. \u201cMost organisations do not have the technology or the means to detect when these models are being stolen or exfiltrated. It is certainly going to be a new type of insider threat that we\u2019re not used to or certainly not prepared to deal with.\u201d<\/p>\n<h3 style=\"text-align: right;\">Read: The AI fraud crisis your bank is not ready for<\/h3>\n<p>He added that many South African companies are moving AI into production without even having usage policies in place \u2014 a significant gap given the risks involved.<\/p>\n<p>The report also highlights what Mimecast calls the \u201crecognition\/action gap\u201d: organisations are investing in security awareness training but failing to connect it with technical controls that can act on the intelligence.<\/p>\n<figure id=\"attachment_277730\" aria-describedby=\"caption-attachment-277730\" style=\"width: 1500px\" class=\"wp-caption alignnone\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-277730\" src=\"https:\/\/i0.wp.com\/eduzim.co.zw\/news\/wp-content\/uploads\/2026\/03\/1772686875_793_Malicious-insider-threats-surging-in-South-Africa-new-study-finds.jpg?resize=640%2C341&#038;ssl=1\" alt=\"Heino Gevers Mimecast\" width=\"640\" height=\"341\" srcset=\"https:\/\/eduzim.co.zw\/news\/wp-content\/uploads\/2026\/03\/1772686875_793_Malicious-insider-threats-surging-in-South-Africa-new-study-finds.jpg 1500w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/02\/heino-gevers-1500-800-300x160.jpg 300w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/02\/heino-gevers-1500-800-1024x546.jpg 1024w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/02\/heino-gevers-1500-800-768x410.jpg 768w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/02\/heino-gevers-1500-800-150x80.jpg 150w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/02\/heino-gevers-1500-800-450x240.jpg 450w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2026\/02\/heino-gevers-1500-800-1200x640.jpg 1200w\" sizes=\"auto, (max-width: 1500px) 100vw, 1500px\"\/><figcaption id=\"caption-attachment-277730\" class=\"wp-caption-text\">Mimecast\u2019s Heino Gevers<\/figcaption><\/figure>\n<p>Globally, just 28% of organisations combine regular security awareness training with continuous monitoring. In practice, this means that when behavioural analytics flag a high-risk user, that intelligence does not automatically trigger coordinated responses across access controls, data loss prevention and monitoring systems.<\/p>\n<p>Gevers said South African organisations are particularly exposed. \u201cWe are very good at awareness. But where we fall short is overlapping the technical controls with the human controls. In other words, they don\u2019t inform one another.\u201d<\/p>\n<p>He gave a practical example: an employee whose role gives them legitimate access to sensitive data begins downloading information after hours or sharing files in collaboration tools like Teams or Slack in ways they hadn\u2019t before. Without integrated systems that assign risk scores and trigger automated responses, that behavioural shift goes undetected until damage is done.<\/p>\n<aside class=\"modern-quote pull alignright\">Globally, organisations experience an average of six insider-driven incidents per month<\/aside>\n<p>This is especially acute in a market experiencing significant workforce volatility. Gevers noted that specialists who build AI models in South Africa often develop the entire system end to end \u2014 the model, the security architecture, the strategy. When they leave, they take deep institutional knowledge with them, and many organisations lack proper offboarding processes to manage that risk.<\/p>\n<p>\u201cIn that part of the South African market, our companies do not do very well at the moment,\u201d he said.<\/p>\n<p>The report found that 91% of organisations globally face challenges maintaining governance and compliance over communications data. In South Africa, 52% of respondents said they cannot locate communication data quickly enough to meet regulatory or legal requirements \u2014 a vulnerability that could prove costly in the event of a breach investigation.<\/p>\n<h2>\u2018Underprepared\u2019<\/h2>\n<p>\u201cIt means we are very much underprepared to deal with a particular situation like a breach,\u201d said Gevers.<\/p>\n<p>The study also found that 38% of organisations globally rely solely on native security controls for collaboration tools, even though 64% of respondents acknowledge those controls are inadequate. Gevers said native controls were \u201cdesigned to deal with a technology problem\u201d and have not kept pace with the need to identify and respond to human behavioural risk.<\/p>\n<h3 style=\"text-align: right;\">Read: US orders diplomats to fight foreign data sovereignty rules<\/h3>\n<p>Globally, organisations experience an average of six insider-driven incidents per month at an estimated cost of US$13.1-million per incident, the report found. Mimecast does not provide a South Africa-specific figure, though Gevers said the local impact likely exceeds the global average given the concentrated nature of the market.<\/p>\n<p>\u201cWe only have a few major players in banking, telecoms, the mining space, and of course the retail sector. Losing any form of proprietary information through a breach is quite significant,\u201d he said. \u201cIt\u2019s not a one-solve-and-we-move-on situation.\u201d<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-256498\" src=\"https:\/\/i0.wp.com\/eduzim.co.zw\/news\/wp-content\/uploads\/2026\/03\/1772686877_429_Malicious-insider-threats-surging-in-South-Africa-new-study-finds.jpg?resize=640%2C307&#038;ssl=1\" alt=\"hacker\" width=\"640\" height=\"307\" srcset=\"https:\/\/eduzim.co.zw\/news\/wp-content\/uploads\/2026\/03\/1772686877_429_Malicious-insider-threats-surging-in-South-Africa-new-study-finds.jpg 2500w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-300x144.jpg 300w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-1024x492.jpg 1024w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-768x369.jpg 768w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-1536x737.jpg 1536w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-2048x983.jpg 2048w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-150x72.jpg 150w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-450x216.jpg 450w, https:\/\/techcentral.co.za\/wp-content\/uploads\/2024\/12\/ransomware-hacker-security-2500-1200-1200x576.jpg 1200w\" sizes=\"auto, (max-width: 2500px) 100vw, 2500px\"\/><\/p>\n<p>Two-thirds of respondents globally expect insider-related data loss to increase over the next 12 months.<\/p>\n<p>Mimecast commissioned research firm Vanson Bourne to conduct the survey of 2 500 IT security and IT decision-makers across nine countries in November and December 2025. All organisations surveyed had more than 250 employees.\u00a0 \u2013<em> \u00a9 2026 NewsCentral Media<\/em><\/p>\n<p class=\"p4\" style=\"text-align: center;\"><b><i>Get breaking news from TechCentral on WhatsApp.\u00a0<\/i><\/b><span class=\"s2\"><b><i>Sign up here<\/i><\/b><\/span><b><i>.<\/i><\/b><b><i\/><\/b><\/p>\n<\/div>\n<p><script data-jetpack-boost=\"ignore\" async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1669381584671856\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Africa tv video display -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-1669381584671856\"\r\n     data-ad-slot=\"3579572842\"\r\n     data-ad-format=\"auto\"\r\n     data-full-width-responsive=\"true\"><\/ins>\r\n<script data-jetpack-boost=\"ignore\">\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n#Malicious #insider #threats #surging #South #Africa #study #finds<\/p>\n","protected":false},"excerpt":{"rendered":"<p>South African organisations are reporting higher rates of malicious insider activity than the global average, with nearly half saying deliberate&hellip;<\/p>\n","protected":false},"author":1,"featured_media":51691,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"class_list":["post-51690","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mzansi"],"_links":{"self":[{"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/posts\/51690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/comments?post=51690"}],"version-history":[{"count":1,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/posts\/51690\/revisions"}],"predecessor-version":[{"id":51692,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/posts\/51690\/revisions\/51692"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/media\/51691"}],"wp:attachment":[{"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/media?parent=51690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/categories?post=51690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/eduzim.co.zw\/news\/wp-json\/wp\/v2\/tags?post=51690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}