South African small- to medium-sized enterprises (SMEs) operate in a hostile digital environment, which drives them to increase investment in cybersecurity. With cyber-attacks becoming more frequent, sophisticated, and automated, digital security has shifted from a back-office IT concern to a core boardroom priority.
According to a report by Sage, local SMEs are poised to become global leaders in cybersecurity investment and proactive vendor oversight. However, this positive shift is clashing with a scary reality: anxiety over emerging artificial intelligence (AI) threats, coupled with critical gaps in day-to-day operational resilience.
The study surveyed over 2 000 SMEs globally in countries such as Spain, France, Germany, Portugal and South Africa, among others. The report findings show that globally, 52% of SMEs rank cybersecurity and data protection among their top business priorities for the next 12 months, second only to business growth at 59%, and well ahead of scaling AI adoption, which sits at just 33%.
Within this global landscape, South Africa stands out on the world stage with an impressive 69% of South African SMEs planning to increase their cybersecurity spending over the next year, making the country the most likely to boost security budgets globally. This momentum is further reflected in their operational stance, with 37% of local businesses describing their security posture as proactive, compared to just 13% of micro-enterprises and 21% of small businesses globally.
Additionally, South Africa also leads the world in third-party vigilance, with 21% of local firms continuously monitoring the security of their software-as-a-service (SaaS) and AI vendors, compared to the 43% of micro-businesses globally who conduct no monitoring at all.
SMEs Still Vulnerable to Cyber Crimes
Although local SMEs lead in cybersecurity investment intentions, they remain highly vulnerable, with one in two organisations experiencing a cyber incident or data breach in the last year.
These incidents point towards a persistent resilience gap – the space between investing in security tools and successfully embedding them into daily operations. While SMEs reported strong deployment rates for foundational security tools like email security (79%), endpoint protection (67%), and regular data backups (71%), they frequently struggle with execution.
“Currently, only 50% of South African SMBs conduct regular staff security training or phishing simulations, and barely 36% actually test their cyber incident response plans. When a breach occurs, the absence of a trained workforce and a tested response plan means that even the most robust technical defences can quickly unravel,” says Philip Meyer, VP Product Engineering HR & Payroll, Sage AME.
The Generative AI Complexity Challenge
Generative AI (gen-AI) is a type of AI that learns from vast amounts of existing data to create brand-new, original content, such as text, images, audio, video, and code. Instead of just analysing or categorising information, it generates unique, human-like outputs in response to simple user prompts.
For SMEs, gen-AI presents as a complex tool and has added a layer of pressure to an already stretched landscape. South Africa consistently displays the highest levels of great concern globally regarding AI-driven risks, particularly around cybersecurity and data safety controls (67%) and unauthorised data access (54%).
These worries are significant because cybercriminals are using gen-AI to write phishing e-mails, create synthetic deepfake voices for impersonation fraud, and automate vulnerability scanning.
However, local preparedness is lagging far behind this awareness, with 71% of South African SMEs remaining completely unprepared or in the earliest stages of readiness to handle AI-related cyber threats.
“This AI anxiety is also exposing a dramatic divide based on business size. In South Africa, where smaller enterprises dominate the economic landscape, the challenges of secure implementation are heavily weighing on these micro-firms, threatening to lock them out of the productivity gains of the AI era simply because they do not feel safe adopting it,” explains Meyer.
Turning Cybersecurity Spending into SME Resilience
There are many ways SMEs can turn their cybersecurity investment and intention into robust business resilience.
Key Elements for SME Cyber Resilience
Building resilience is quite technical, but with a few practical pillars in place, SMEs can quickly build their cyber resilience.
1. Risk Awareness and Planning
The first step is understanding what is being protected. Most businesses have various digital assets – customer data, payment systems, intellectual property, or supply chain integrations. Outlining these and identifying the most likely risks helps SMEs prioritise resources where they are most needed.
Having an incident response plan in place makes it easier to act effectively under pressure.
2. Strong, Layered Defences
SMEs must not put all their cybersecurity responsibilities and trust in one tool. Leveraging a layered-protection strategy means using multi-factor authentication to protect logins, ensuring software is regularly patched, and backing up critical data securely in the cloud. Each layer adds another hurdle for attackers and reduces the chance of a complete shutdown if one system is breached.
3. Employee Training and Awareness
In many SMEs, employees are responsible for more than one thing. They may not have cybersecurity expertise, but their daily habits, like spotting phishing e-mails or using secure passwords, play a huge role in resilience.
By providing regular awareness sessions, SME employees become the first line of defence rather than the biggest vulnerability.
4. Continuous Monitoring and Testing
Becoming cyber-resilient is not a once-off task. Threats evolve constantly, and cyber defences need to be updated and checked regularly. Monitoring system activity for unusual behaviour or running periodic penetration tests can reveal gaps before threat actors find them.
For SMEs, working with managed service providers can make this more affordable and scalable.
5. Recovery and Business Continuity
The final part of resilience is preparing for the unexpected. If systems went offline tomorrow, how long before they are restored? Are there data backups stored securely and tested regularly? Could employees continue working from alternative systems if the main ones are unavailable?
Having a comprehensive recovery strategy significantly minimises downtime and reassures customers that the business can handle challenges efficiently and effectively.
SMEs can also leverage the security of cloud-based software-as-a-service (SaaS). By moving core business infrastructure such as financial, payroll, and HR systems to the cloud, businesses can effectively outsource complex security tasks.
“Cybersecurity is no longer a grudging operational expense; it’s a fundamental driver of competitive advantage and digital trust. By closing the resilience gap, ensuring that tools are backed by trained people, robust processes, and secure-by-design software partnerships, local businesses can confidently adopt AI, secure their supply chains, and build the resilient foundations required for long-term growth.” concludes Meyer.
South African small- to medium-sized enterprises (SMEs) operate in a hostile digital environment, which drives them to increase investment in cybersecurity. With cyber-attacks becoming more… Read More
