cyber - Vox

Protect Your Business Operations

Posted on 10 March 2026 by Vivienne Fouche

…with Cybersecurity Measures and Real-time Backups

Remember the Transnet cyberattacks of July 2021? They brought huge parts of the country’s supply chains to a standstill for weeks and were a grim reminder of the damage that a cybersecurity breach can cause, not only to a company, but to a country itself. The fact that such a level of disruption can take place at a national level is a stark reminder of how critically important cybersecurity is today, for larger and smaller businesses alike.

Transnet – the nation’s ports, rail and pipelines operator – became a victim of a huge ransomware attack on 22 July 2021, which took offline its IT system, several of its websites and its vital container terminal operating system. Trucks backed up outside Durban harbour on land while ships did the same at sea, as turnaround times to collect or offload containers turned from hours into days because of the manual processes that had to be implemented.

Finally, four days later on 26 July, the company was forced to throw in the towel, and Transnet Port Terminals sent a letter declaring ‘force majeure’ – because of ‘an act of cyberattack, security intrusion and sabotage’ – at several key container terminals, including the Ports of Durban, Ngqura, Port Elizabeth and Cape Town. Under international law, force majeure refers to an irresistible force or unforeseen event beyond the control of a state, making it materially impossible to fulfil an international obligation.

Protect operations with cybersecurity measures and real-time backups — Ships at the Port of Durban

For South African businesses and the country itself, this was a further disaster for the economy, coming on the back of the COVID-19 global pandemic in 2020 and the wave of civil unrest that had taken place in KwaZulu-Natal and Gauteng earlier that month.

We take a closer look at the importance of implementing cybersecurity measures, including real-time back-ups, to help organisations keep their operations running during major disruptions.

Like the Boy Scouts Always Said: ‘Be Prepared!’

Whether it’s a cyberattack, natural disaster, system failure or even human error, organisations must always be prepared to respond and recover, fast. A business that isn’t prepared will risk prolonged downtime, financial losses and reputational damage – all of which happened in the Transnet cyberattack

Cybersecurity measures will help to protect against attacks before they can happen, using immutable backups as well as secure vaults to recover from ransomware. Real-time backups and replication use technologies to ensure minimal data loss.

The benefits of enhanced business resilience include minimising downtime and thus preventing financial losses; protecting your business’s reputation, which helps to maintain customer confidence and ensure future customers; and meeting regulatory compliance requirements, both legal and industry-specific.

Unexpected disruptions can bring businesses to a standstill at any time, with no warning. While global pandemics and civil unrest obviously remain out of the control of business, implementing effective cybersecurity measures, including real-time backups, can keep businesses of all sizes still running during major disruptions.

Organisations that fail to implement these measures face severe risks. We just have to think back to late July 2021 to be reminded of the importance being able to keep operations running during cyberattacks – for businesses of all sizes. ‘Too big to fail’ is not an effective security strategy.

Vox offers cybersecurity solutions to assist our business clients in protecting their systems and processes, and their data – click here to find out more about our offerings.

Frequently Asked Questions

What are real‑time backups and how do they keep operations running during a cyberattack?
Real‑time backups capture and replicate data continuously or at very short intervals so the most recent data is available for recovery. During a cyberattack—especially ransomware—real‑time backups reduce data loss and speed up recovery, helping operations resume faster. For managed real‑time replication, speak to Vox about our Real‑time Backup & Replication solutions.

How do immutable backups protect against ransomware?
Immutable backups are write‑once, read‑many copies that cannot be altered or deleted by attackers, ensuring a clean copy of your data is always available for restoration. Pairing immutable backups with secure vaulting is a best practice for resilient ransomware recovery—Vox’s Immutable Backup Vaults can be configured to meet regulatory and business requirements.

Are backups alone enough to ensure business continuity?
Backups are essential but not sufficient alone. Effective business continuity combines preventive cybersecurity measures (patching, endpoint protection, network security), incident response plans, and tested disaster recovery procedures alongside backups.

Are real‑time backups suitable for small and medium enterprises in South Africa?
Yes. SMEs benefit from real‑time replication and managed backup services because they minimise data loss and avoid prolonged downtime without the need for large in‑house teams. Vox offers scalable backup and managed security services tailored to SME budgets and compliance needs.

What is a secure vault and why is it important for backup strategy?
A secure vault is an isolated, protected storage location, often with immutability and strict access controls, designed to keep backup copies safe from unauthorised changes or deletions. Secure vaulting prevents attackers from destroying backups as part of an attack; Vox’s Secure Backup Vault solutions provide controlled retention and strong access policies.

Working to Identify and Protect SA’s Heritage Resources

Posted on 11 November 202511 November 2025 by Natalie van der Merwe

Vox partnered with the South African Heritage Resources Agency (SAHRA) to deliver an integrated programme of connectivity, voice and network security, demonstrating how SAHRA connectivity and SD‑WAN for heritage sites can safeguard archives, improve communication and reduce costs. SAHRA requires a modern, secure and resilient IT environment to protect national heritage records and support remote working.

Planning SAHRA’s Connectivity and SD-WAN for SA’s Heritage Sites

The South African Heritage Resources Agency (SAHRA) is an agency of the Department of Sport, Arts and Culture – formerly known until 2000 as the National Monuments Council – which is tasked with an overall legislative mandate to identify, assess, manage, protect and promote heritage resources in South Africa, and to protect them for future generations.

National heritage sites need to be protected and safeguarded from damage or alteration, and it’s important to prevent development that could endanger their existence. As a national agency with additional provincial authorities, SAHRA works with local communities to identify heritage resources and record their oral and living histories, as well as increase public involvement in the preservation of heritage resources.

“South Africa has a very rich heritage,” says Stephen Muller, SAHRA ICT Manager, “and SAHRA works across a number of business units – including Heritage Properties, Burial Grounds and Graves, the Built Environment and Heritage Protection – to identify and protect heritage resources in South Africa.

“We have a very valuable registry in the form of our internal archives, encompassing a vast amount of heritage documents including old papers, plans, maps, information about graves…. information from the past that it’s important to protect and preserve.

“Overall, our outlook for the future is to become significantly more digitalised, including with our registry and archives, and also as an organisation overall. The work done by SAHRA is valuable and it’s important that it’s assisted in the digital realm, to protect South Africa’s Heritage Sites in the physical realm.”

South Africa has eight World Heritage Sites, as follows: Robben Island (Western Cape), iSimangaliso Wetland Park (formerly known as the Greater St Lucia Wetland Park in Kwa-Zulu/Natal); the Cradle of Humankind (Gauteng), Maloti Drakensberg Park (Kwa-Zulu/Natal), Mapungubwe Heritage Site (in Limpopo province, located at the border of South Africa, Zimbabwe and Botswana), the Cape Floral Kingdom (Western Cape), the Richtersveld Cultural and Botanical Landscape (in the Northern Cape, along the Orange River border with Namibia) and the Vredefort Dome (Free State).

In addition, there are also several heritage sites declared by SAHRA, which include the Castle of Good Hope, the Bushmanskloof Rock Painting Landscape, the Daljosafat Cultural Landscape, the SS Mendi Memorial, the South African Astronomical Observatory, Liliesleaf Farm and the West Coast Fossil Park, among others.

4 1080 5 1080x720 1 | Vox | Working to Identify and Protect SA's Heritage Resources — SS Mendi Memorial

The Business Challenge

“It’s our intention to have a proper electronic document records management system in place so that we can get all our information, including our records and administrative systems, more digital,” explains Muller.

“We are moving forward in this regard; for example we have a YouTube channel and we use it to broadcast on pertinent issues, including a webinar in September – which is Heritage Month in South Africa – which is geared towards allowing the public to share in the conversation. I like to say that even though we’re a heritage organisation, it doesn’t mean that our technology or infrastructure needs to be heritage as well!”

In the quest to keep SAHRA’s digital processes and communications systems modern and not ‘vintage’, the organisation has carried out a significant number of implementations or upgrades in the past 10 years or so. These include such important technology elements as:

Business Fibre connectivity;
Voice and Telephony solutions;
Backup of data;
Foundational network security; and
The implementation of an SD-WAN solution.

Some of these implementations have been carried out at SAHRA’s head office in the Western Cape, and others have been at regional offices. SAHRA operates across four sites around the country. Muller clarifies that there have been some challenges previously with getting all the sites connected with fast connectivity, including the use of a slow ADSL line at one of the regional offices.

“Our concerns were around data security and service continuity, as well as site integrations that were required to interlink all our colleagues and allow them to interact and integrate with our existing systems and offices. Vox was able to address these requirements through well detailed bids,” he explains.

The Business Solution

As a government entity, SAHRA is required to follow strict bidding / tender procedures each time a new project or upgrade over a particular Rand value is required. Muller explains: “Being a government entity, we have to follow a formal public procurement process and that’s always done by a means of competitive bidding. SAHRA’s relationship with Vox began when we had to shift our existing voice solution, and then we also added in the Internet connectivity as well. Later on, we found the need to include managed firewall services and most recently we have had a requirement for an SD-WAN solution.

“On each of these occasions, Vox has submitted separate tender documentation in response to the advertised tenders. In summary, Vox has helped SAHRA to improve on our operational efficiency, including the enhancement of our remote working capabilities. Additionally, Vox has helped us to strengthen our cybersecurity posture, while also reducing infrastructure costs over time.”

Vox was the successful winner of a number of tender processes for SAHRA in recent years, as follows:

2018/2019: Hosted Digital Communication System

Fibre connectivity
Verto Hosted PBX and Yealink handsets
Uncapped Voice
Communications Manager (TMS)
Network Cabling
Chrome Air (Voice over LTE)
Number porting

2020: Poly Studio VC Solution

2021: Veeam Backup & Replication Enterprise Plus

2022: Connectivity and Voice and Network security

Primary and failover connectivity at five sites
- Consists of fibre, wireless and LTE
Moved from Verto Supreme to 3CX Cloud for PBX, Unified Communication and mobility services
Uncapped Voice
Fortigate Firewall at five sites

2024: Connectivity and Voice and Network security / SD-WAN

Provision of two stand-alone internet links at four sites
- Consists of fibre, wireless and LTE
Moved from Verto Supreme to 3CX Cloud for PBX, Unified Communication and mobility services
Uncapped Voice
Fortigate Firewall at five sites with SD-WAN for WAN resiliency

René Minnie, Key Account Manager at Vox, clarifies that the most recent 2024 upgrades are of particular interest and significance for SAHRA, involving upgrades to the entity’s connectivity, voice and network security. She says: “When we look at the migration from Verto Supreme to 3CX Cloud, we see that Vox is providing SAHRA with a solution that is future-proof and rich in functionality, and which allows more control. With regards to the implementation of an SD-WAN solution, it is important to note that Vox has provisioned for the ability to use both links at each site.

“As for the benefits of SD-WAN, it’s a modern networking solution that simplifies the management and operation of a wide area network (WAN) by decoupling the network hardware from its control mechanism, with key benefits including improved network performance, cost efficiency, enhanced security, simplified management, and scalability and flexibility.”

More details on the benefits of SD-WAN are as follows:

Improved Performance: SD-WAN intelligently routes traffic across the most efficient paths, reducing latency and improving application performance, especially for cloud-based services.
Cost Efficiency: SD-WAN allows businesses to use lower-cost internet connections (like broadband) alongside or instead of expensive MPLS links, significantly reducing WAN costs.
Enhanced Security: Built-in encryption, firewall capabilities and centralised security policies help protect data across all network endpoints.
Simplified Management: Centralised control makes it easier to configure, monitor and manage the network, reducing the need for manual intervention and on-site IT support.
Scalability and Flexibility: SD-WAN supports rapid deployment across multiple locations and adapts easily to changing business needs, making it ideal for growing organisations.

A Strategic Partner Towards the SAHRA IT Unit

Muller says he has been very happy with both the service and the products received from Vox overall, and enjoys an extremely positive relationship with Vox. He clarifies: “The service levels have always been consistently high, and in fact have always exceeded what we at SAHRA have requested. We also very much appreciate the scalability of the available offerings.

“You could say that Vox has essentially become a strategic partner towards the SAHRA IT unit, and as a company, its employees and divisions are very good at communicating the available offerings, both for a present requirement as well as for future possibilities and planning – I find Vox to be well-structured and transparent.”

Muller also praises the quality of Vox’s tender documents, which, he says, are unfailingly of a high quality and provide all the information – and sometimes more – than actually required.

“Usually, we look to see that the potential service providers are able to meet or even exceed our minimum requirements,” he explains. “Then we look at proven reliability and uptime, scalability, security and compliance. Cost-effectiveness plays a vital role as well, and we also look at strong support and after-sales service.

“Vox scores consistently highly across all these categories, including with excellent service and competitive pricing across all its products. The type of bid received from Vox overall is always excellent. No matter big or small, there’s always enough information. If it’s a specific brand or model mentioned, there will be a specification sheet that paints a clear picture.”

Minnie adds that the interactions with Muller and the rest of his team at SAHRA have always been most pleasant: “As a company, people across a number of divisions at Vox appreciate SAHRA’s business relationship, which is based on mutual politeness and respect. Our two companies work extremely well together, and we look forward to continuing to be of assistance to SAHRA for many years into the future,” she says.

“I believe that in Vox, SAHRA has found an excellent partner and over the years, we have met regularly and enjoyed smooth operations overall. And so if I could sum it up, Vox’s offerings are a clear commitment to a partnership with long-term value overall, because of the scalability and expansions that are offered by Vox,” concludes Muller.

Download Case Study

FAQs

What is SD‑WAN and why is it important for heritage institutions?
SD‑WAN is a modern WAN architecture that intelligently routes traffic across multiple links. It improves performance, resilience and security, which is critical for institutions needing reliable access to cloud archives and remote collaboration.

Which Vox products were implemented at SAHRA?
Vox implemented Business Fibre, voice platforms (Verto Hosted PBX historically and migration to 3CX Cloud), Yealink handsets, Fortigate firewalls, Veeam backup and Poly Studio VC, plus wireless/LTE failover.

How does SD‑WAN improve security?
SD‑WAN supports centralised security policies, encryption of WAN links and integration with managed firewalls, reducing exposure for distributed sites and sensitive data.

Can SD‑WAN reduce costs for government agencies?
Yes. By enabling the use of lower‑cost broadband and LTE alongside fibre, SD‑WAN can lower WAN expenses while maintaining performance and resilience.

How did Vox ensure compliance with SAHRA’s procurement rules?
All implementations were awarded through formal competitive tenders, with Vox submitting detailed, compliant bid documents for each procurement phase.

Will SD‑WAN help with disaster recovery and backups?
SD‑WAN improves connectivity resilience which supports replication and backup workflows. Combined with solutions like Veeam, it strengthens overall data protection and recovery capabilities.

Is 3CX Cloud suitable for public sector organisations?
3CX Cloud provides unified communications, mobility and scalability, making it suitable for public sector needs when paired with secure network infrastructure and managed services.

How can heritage organisations begin modernising their IT?
Start with a connectivity assessment, define continuity and security requirements, and procure resilient links, firewall protection and a future‑proof voice platform. Consider a phased tendered approach similar to SAHRA’s.

Hot Promotions

Vox re-enters the security arena with global leader Sophos

Posted on 29 October 202530 October 2025 by Audrey Vadival

By Audrey Vadival, Head of Division: Security and Value-added Services

Vox is pleased to announce the launch of its new cybersecurity division in partnership with global cybersecurity leader, Sophos.

The Vox-Sophos cybersecurity partnership expands Vox’s long-standing position as a trusted ISP into a full-service digital guardian, offering South African companies an integrated portfolio of connectivity, communication and protection solutions.

Key highlights:

Comprehensive protection: Firewalls, endpoint security, MDR, XDR and Phish Threat solutions all integrated within Vox’s managed security offering.
AI-powered defence: Proactive threat hunting, deep learning analysis, and automated response capabilities.
Integrated simplicity: Unified Sophos Central dashboard consolidates all alerts and data across third-party tools with the XDR and MDR offerings.
Security awareness training: Automated phishing simulations and targeted education to turn employees into first-line defenders.
Accessible pricing: Vox pricing and fibre/firewall bundles for South African customers

The move is a response to a growing need in the market. Cyberattacks are growing more sophisticated and frequent in South Africa, with the country remaining one of Africa’s most targeted for cybercrime.

According to the BDO Global Risk Landscape Report 2025 and Allianz Risk Barometer, companies have faced an average of 2,114 cyberattacks per company per week in 2025 – a year-on-year increase of 14%. The Sophos State of Ransomware in South Africa 2025 report put a price tag on the threat – the median ransomware demand rose from R2.8 million in 2024 to R18 million in 2025 while the median payment nearly tripled to R8.3 million.

Vox’s partnership with Sophos brings enterprise-grade cybersecurity within reach for local companies of all sizes. Small to medium enterprises (SMEs) through to corporates can benefit from a portfolio of solutions designed to combine proactive threat hunting with round-the-clock monitoring and simplified management.

We’re connecting and protecting companies. Our partnership with Sophos gives us the ability to create world-class security solutions which leverage next-generation protection capabilities like AI within a local, managed services model that makes high-end protection both accessible and affordable.

Vox’s new cybersecurity arm forms part of our broader strategy to evolve from a pure connectivity and communications provider into a holistic managed service and security partner. The focus is simple – secure the connection, secure the data, protect customers – and it builds on the foundation of trust Vox has already built with our growing customer base.

Our customers already trust us with their communications and connectivity, and it makes sense to extend that trust into cybersecurity. Sophos has a robust and relevant solution portfolio that ensures we can deliver a synchronised security stack that protects every part of the digital journey, from the connection to the user.

The value proposition within the partnership rests in Vox’s ability to combine advanced technology with real-world simplicity. One dashboard, one licence and one provider, with multiple solutions integrated smoothly through Sophos Central. Companies can monitor and respond to threats rapidly with a single, unified view.

Vox will be offering a suite of five Sophos products which are designed to work together to prevent, detect and respond to modern threats.

The Sophos XGS Series firewall, launched earlier this year, offers AI-powered threat prevention and zero-day defence, while Sophos Intercept X combines deep learning AI and anti-ransomware for rapid threat detection and defence.

Sophos MDR delivers 24/7 expert-led security as a service with proactive threat hunting and rapid incident response. Sophos XDR provides visibility across all critical attack surfaces, including third party tools, while Sophos Phish Threat helps you stay ahead and prevent expensive mistakes by proactively educating your workforce

According to Pieter Nel, Sales Director SADC at Sophos South Africa: “The threat landscape in South Africa continues to intensify, and organisations are looking for a partner that can simplify cybersecurity while still delivering enterprise-grade protection.

“Our partnership with Vox brings the full strength of Sophos’ MDR, XDR and AI-driven technologies directly into a locally managed service model, making advanced cyber defence accessible to businesses of all sizes. Together, we are ensuring South African organisations can detect and stop ransomware and other cyberattacks before they cause disruption or financial damage.”

Vox, a Gold Partner for Sophos, offers highly competitive pricing and flexible security bundles which combine fibre and firewall protection in one accessible package. Starting from October 2025 with the ‘Securing Your Connectivity’ promotion, Vox is making enterprise-level security affordable to South African companies while providing local support and expertise.

Businesses are dealing with complicated threats and sophisticated attacks and are at constant risk, so our mission is making their lives easier. You don’t need a large team or multiple IT vendors, just one partner with the right security tools, and that’s us.

To learn how the Vox Sophos cybersecurity partnership can protect your business, contact Vox for a tailored security assessment and a quote for managed security services and fibre/firewall bundles.

Recommended next steps for businesses

Assess current exposure: Identify critical assets and where detection blind spots exist.
Consider a managed approach: If you lack in-house security resource, managed XDR/MDR can significantly reduce risk.
Combine connectivity and security: Explore Vox’s firewall and fibre bundles for simplified billing and integrated support.
Train staff: Add security awareness training to reduce phishing and social engineering risk.

FAQs

What is the Vox Sophos cybersecurity partnership?
The Vox Sophos cybersecurity partnership is a local managed security service combining Vox connectivity with Sophos enterprise-grade tools (XGS firewall, Intercept X, MDR, XDR and Phish Threat) to protect South African businesses.

What cybersecurity solutions are included in Vox’s offering?
Vox offers Sophos XGS firewalls, Intercept X endpoint protection, Sophos MDR (24/7 monitoring & response), Sophos XDR (cross-surface visibility) and Phish Threat security awareness training, all managed via the Sophos Central dashboard.

Who should consider Vox managed security services?
SMEs through to large corporates that want simplified, enterprise-grade protection—organisations without large in‑house security teams, or those seeking 24/7 threat hunting, AI-driven detection and consolidated management.

How do I get started or request a quote?
Contact Vox’s security team for a tailored security assessment and pricing. Vox offers competitive fibre and firewall bundles (including the “Securing Your Connectivity” promotion from October 2025) with local support and implementation.

The Real Cost of a Data Breach for Individuals

Posted on 20 October 202524 October 2025 by Suhail Dinat

Another day, another data breach.

It seems like every other week that some big company announces they’ve been hacked (seriously, hospitals – heard of a firewall?). Entire databases of private, confidential information are sent into the digital wild more frequently than Trump changes his mind. And, the sad part is, the individuals who’ve been compromised often suffer as much as the entities who let it happen.

A good PR campaign and said company can get back on their feet. Know who can’t? The affected parties who now must recover financially, emotionally, and socially.

Financial Impact: Immediate and Hidden Costs

When people think about breaches, the first implication they consider is financial – rightfully so, as the immediate effect is usually on your pocket.

Fraud, loans and damaged credit:

Criminals don’t even need actual money to run wild – just your card details are enough of a launching pad. How so? Here are some ways:

They may start fraudulently purchasing gift items, electronics, or crypto before you’re even aware of it.
Many criminals take out excessive loans linked to another account using stolen identities. The victim only finds out once collection is due.
On a smaller scale, quick cash-outs via e-wallet, ride sharing, and even food delivery accounts are also small ways victims have been hit.

Think it’s not relevant? Let’s look at the history:

An Equifax breach exposed the personal information of 147 MILLION people in 2017. Most of these victims later reported fake loan approvals and fraudulent credit card applications within a matter of days. And, even if the matter is eventually resolved, you can’t put a price on the stress, hours lost waiting on hold, or any residual damage to your credit score.

Identity theft — a long‑term risk:

Unlike a wallet, you can’t just “get a new” digital identity. Once your data is compromised, criminals can use it for decades. Think credit fraud, tax fraud, or even medical identity theft for prescription drugs.

The knock-on effect of these breaches is immense. They can impact on your ability to rent, apply for loans, and in some cases even find jobs.

The human cost — stress, relationships and reputation:

Everyone talks about Data breaches numerically, but what the victims go through is often overlooked. Many victims have to live with the daunting reality of:

Mounting anxiety as they log in and out of their banking app. Repeatedly.
The uncertainty of not knowing whether your info has been stolen.
The pain of repeatedly explaining your situation to strangers.

Think sleepless nights, relationship stress, and a never-ending daunting feeling. Cybercrime steals more than data – it takes away peace of mind.

Privacy harms that money can’t fix:

Many breaches expose extremely sensitive information. Think dating apps, health records, or your browser history (shudder).

And, unlike credit cards, your bank can’t (eventually) undo this one.

Ever heard of Ashley Madison? They were Tinder before Tinder. Until, one day, users were blackmailed with threats to expose their private activity. You can imagine how this went down.
Or spare a second to think about health-related breaches – and how stigmatised patients can feel when their conditions become public.

Some impacts transcend monetary value – they can damage reputations, careers, respect and relationships.

The problem with a breach is often the delayed effect. Cybercrime has a long tail, and slow burning effect. Once your Data is sold on the dark web, it stays there. In fact, it can even be resold, and repeat issues emerge for multiple years.

What to do right now if your data’s been breached

But enough fearmongering, what can we do if we find ourselves compromised? Here’s an easy guide:

Change your passwords. Immediately. ALL of them.
Enable your multifactor authentication (MFA).
Verify whether your email has also been leaked (use sites like “have I been pwnd” – you can even do it now).
Monitor your bank accounts (and notify your bank).
Temporarily freeze your credit file.
Double-check any calls, emails, or texts asking for information.

You can’t simply measure the true cost of a Data breach via a spreadsheet. The price you pay is intangible, and how do you quantify a lifetime of looking over your shoulder?

Act now – protect your data

Companies can move on – but victims carry the burden even once the headlines fade. This is why taking your cybersecurity seriously is no longer optional. It’s necessary. Because, in today’s digital world, your bank account isn’t your most valuable asset – your data is.

You can’t undo every breach, but you can limit the damage. Change passwords, enable MFA, keep an eye on your accounts and use reputable security tools. Treat data protection as essential because your information is often more valuable than the cash in your account.

Get immediate protection with Norton from Vox.

FAQs

What immediate steps should I take after a breach?
Change passwords, enable MFA, check Have I Been Pwned, notify your bank, and consider freezing your credit.

How long can identity theft affect me?
It can last years. Stolen data can be resold and reused, so ongoing monitoring is essential.

Will my bank always refund fraud losses?
Not always. Many banks will help, but you still face time spent on disputes and potential credit impacts. Report fraud immediately.

Can consumer security software really help?
Yes. Reputable suites (like Norton 360 offered through Vox) reduce your risk of phishing, smishing and device compromise and include privacy tools and 24/7 support.

Proactive MDR: Safeguarding Your Business

Posted on 20 October 202521 October 2025 by Audrey Vadival

Enjoy Round-the-Clock Protection with Vox and Sophos Managed Detection and Response

In South Africa, we are unfortunately used to home invasions, and certainly there is evidence that the presence of a security company can go a long way towards keeping homes, businesses and neighbourhoods safer.

What about the online version of a break-in – how do you protect your business?

Hackers are constantly putting out feelers for companies that don’t have adequate safety and security measures to protect themselves. Some organisations try to take care of their cybersecurity themselves, which can be a bit like a homeowner relying solely on an electric fence: it might offer some protection, but is definitely not infallible all the time.

Cybercriminals – like their real-world counterparts – choose targets with a simple goal of maximising their reward while minimising their risks. As a case in point: 88% of ransomware attacks on organisations occur outside normal business hours.

So why not call in the experts and get a Managed Detection and Response (MDR) service for your business? Think of it as being like a cyber version of a security service for your company – always on guard for you, and ready to act around the clock.

Expert-Led 24/7 Managed Detection and Response Service

Vox has partnered with global cybersecurity experts, Sophos, to offer advanced protection solutions, including managed Detection and Response services.

Powered by its global threat intelligence team, Sophos provides cloud-native, AI-enhanced security to protect organisations of all sizes from modern cyber threats like ransomware, phishing and malware.

Sophos MDR is a comprehensive security-as-a-service solution that provides continuous, expert-led protection against today’s advanced cyberthreats. It’s designed for organisations of all sizes and is an ideal choice for businesses lacking in-house security resources, or those needing to enhance their existing capabilities.

Sophos MDR service gives your business a dedicated, professional team that proactively hunts for and neutralises threats, around the clock. In addition, Sophos MDR seamlessly integrates with over 350 of your existing third-party security tools. This unique approach allows you to realise significant cost savings while maximising the return on your existing technology investments.

By combining human expertise with advanced AI, Sophos MDR from Vox detects and responds to sophisticated attacks that technology alone might miss. Ultimately, Sophos MDR provides comprehensive, round-the-clock protection without the immense complexity or expense of building your own in-house security operations centre.

24 /7 Cybersecurity Monitoring

Sophos MDR from Vox includes the following benefits: round-the-clock threat monitoring, where continuous protection against attacks, even outside business hours, reduces risk; expert-led threat hunting, in which people are involved in proactively uncovering and eliminating evasive threats that tools can miss; and full-scale incident response and root cause analysis, including recommendations to prevent recurrence.

In addition, Sophos MDR from Vox also provides flexible response modes, with which you decide how the MDR team operates, at the level that suits your organisation; and compatibility with third-party tools that integrate with your existing security stack; eliminating the need to ‘rip and replace’.

As a final sweetener and proof of confidence in its solution, Sophos provides a breach protection warranty, offering your business financial protection against the costs associated with a breach.

The message is clear: no one is safe from being a target, and there are times when the best-case scenario to protect your valuable business assets and data is to call in the experts.

Your business deserves the best possible protection.

Enjoy optimised performance and keep your organisation running safely without the threat of cyberattacks with Vox and Sophos – contact us for more information.

FAQs

What is Managed Detection and Response (MDR)?
MDR is a security service that combines continuous monitoring, expert threat hunting and incident response to detect and neutralise advanced cyber threats on behalf of your business.

How does Sophos MDR differ from standard anti-malware?
Sophos MDR pairs AI-enhanced detection with a dedicated human team that actively hunts for evasive threats and provides full incident response, going beyond signature-based tools.

Can Sophos MDR work with our existing security tools?
Yes, Sophos MDR integrates with hundreds of third‑party security tools so you can retain your current stack and improve overall protection without replacing systems.

Is MDR suitable for small businesses?
Yes, MDR is particularly valuable for SMEs that lack in-house security resources but need enterprise-grade monitoring and response.

What is a breach protection warranty?
It’s a financial assurance provided by Sophos for qualifying breaches, designed to help cover certain breach-related costs — giving additional assurance to customers.

Protect Your Older Parents Online with Norton from Vox

Posted on 15 October 202521 October 2025 by Vivienne Fouche

No, Mom – DON’T click on that link!

I know an elderly lady who is dignified and respectable, with grown-up children and grandchildren. She is, as they say, a ‘pillar of her community’. She also, rather startlingly, has some, shall we say, unfortunate images on her phone at the moment, involving various anatomical closeups of naked people.

But this is not an article about a seemingly-sweet old lady who is at the helm of a mafia-style criminal empire – no, that’s not it at all, because she actually has NO IDEA that these images are currently on her phone (and her family members haven’t yet had the courage to tell her).

Vox has teamed up with global cybersecurity expert company Norton™ to offer comprehensive protection for your devices and online privacy, for the whole family, all in one solution. Traditionally, people have worried about their own online safety as well as their children’s, but there is no reason why your older parents can’t benefit also.

In this article, we look at how so many older people today have absolutely no idea of the perils that lurk online. We discuss how to protect people of an older generation who didn’t grow up with technology at their fingertips.

And we look at how acquiring the right software can take away the stress of having to keep saying: “NO, Mom – DON’T click on that link!”

Why Older People Are Especially Vulnerable Online

Criminals have always seen older people as being a soft target, and today’s digital world simply presents long-existing criminal tendencies in a brand-new wrapping. When the goal is to scam older people out of their hard-earned savings, the Internet, online banking and social media all just make it easier for cyber criminals, because many older people are just not that comfortable with today’s technology.

This is largely because, in contrast to younger generations, older citizens had to learn to use information technology when they were already adults. It’s something that was initially entirely new to them.

And so the relationship that today’s senior citizens have with technology can be an uneasy or uncomfortable one, as shown in this clip from the popular and acclaimed Netflix sitcom, ‘Grace and Frankie’.

In the video clip, we see clearly just how some of the older generation think about technology – Frankie is deeply afraid of it at first. (Grace, as a retired former CEO, does at least know how to boot up a new laptop.)

Take a look for a bit of show, not tell!

The video clip raises another point: if so many of today’s older generation are uncomfortable simply with acquiring new technology, you can imagine that they’re even more vulnerable once they’re finally online.

Senior citizens can be particularly vulnerable to cybercriminals who use social engineering – deception intended to manipulate people into sharing confidential or personal information – to lure their victims into handing over valuable personal details.

Why The Older Generation Is Vulnerable Online

Online criminals prey on qualities shared by many older users, including a fear of technology that they don’t fully understand, loneliness as their children grow up and leave home, an ingrained respect for authority and institutions, and an increasing need to feel financially secure as they get older.

If this is all sounding just a bit too familiar and close to the bone, the good news is that there are ways in which you can help protect your older parent or relative against would-be online scammers.

Keep It Simple — Three Rules to Teach Your Parent

Firstly, share the following information with your older parent to try to help them recognise when a criminal is trying to steal their bank account information, passwords or credit card numbers, or otherwise trying to separate them from their money.

Trust no one: never click links or open attachments from unexpected senders.
Ask first: establish a rule — “Call or text me before you act.”
Don’t share security details: never send PINs, passwords or banking details by message or phone.

These short, repeatable rules are easier to remember than long lectures. Think of them as being the digital equivalent of “Don’t open the door to strangers.”

In summary: ‘Don’t click on every link that looks like fun or promises you a great bargain.’ It’s the Internet version of ‘If it looks too good to be true, it probably is.’

How Norton from Vox helps — Straightforward, Family-Wide Protection

You can try to teach all the rules in the world, but intuitive software makes prevention easier. Stop the malware from getting in by blocking those seductive ‘Click here’ messages before they even reach your parent’s phone, tablet or laptop with their exotic and interesting click-bait messaging.

Norton’s software safeguards your entire family’s PCs, Macs®, tablets and smartphones from viruses, ransomware, phishing and other cyber threats while you bank, shop and browse online.

Norton 360 family protection provides multiple layers of defence against viruses, malware, ransomware and phishing, which are the common tools criminals use to target seniors. Key benefits for elderly parents:

Blocks malicious links and phishing attempts before they land.
Protects PCs, Macs, Android and iOS devices with one app.
Simplifies security for non‑tech users — automatic updates and background protection.
Centralised family protection so you can check that your parent’s devices are safe.

Buying Norton via Vox gives you a local, reliable channel to purchase and manage the licence, which is one less thing to worry about.

Practical steps for immediate protection

Install Norton on every device your parent uses and enable automatic updates.
Turn on email and web protection to block suspicious links.
Set up one shared contact (you) who your parent must call before sharing money or details.
Back up important files so ransomware can’t hold photos or documents hostage.

Norton from Vox offers robust, all-in-one protection against viruses, malware, ransomware and online threats – for the whole family, including your elderly parents. It’s Internet safety for the elderly – like the virtual equivalent of a home security guard, refusing to allow the criminal over the threshold while your mom or dad are blissfully unaware and watching their favourite show or match on TV.

And if your elderly family members aren’t downloading dodgy links, you don’t have to spend precious time cleaning up their phones at a later stage.

Frequently Asked Questions

How do I start a sensitive conversation with my ageing parent?

Choose a calm moment, be honest but respectful, ask open questions and listen to their priorities

How can I suggest home-safety changes without upsetting them?

Frame changes as ways to keep them independent, offer choices and involve them in decision-making.

Protect Your Kids from Online Predators

Posted on 8 October 202521 October 2025 by Vivienne Fouche

Some practical thoughts to guide parents and grandparents

It can’t happen in my home… can it?

Just because your children are playing online games in the safety of your home doesn’t mean that they are safe from perverts.

This is the reality of today’s digital world.

It’s hard to believe, but every parent’s worst worry is now partly digital: how to protect kids from online predators who can reach children through games, apps and social networks in the safety of your own home. This guide discusses online grooming, practical steps you can take at home, and how tools from Vox and Norton™ can help you keep children safer online.

[Editor’s note: This article comes with a sensitivity warning, particularly for parents, grandparents and other concerned family and friends.]

According to the United Nations Children’s Fund (UNICEF), in South Africa, according to its ‘SA Kids Online Study’, one-third of children in the country are at risk of online violence, exploitation and abuse.

One-quarter (25%) of those surveyed confirmed that they had added people whom they’d never met face-to-face to their friends or contacts list.
Similarly, nearly one-fifth (18%) of those surveyed had sent a photo or video of themselves to someone they had never met in real life.

These stats also confirm just how naïve and vulnerable children can be – and why parents and guardians need to protect them.

And so, when we read about the pervasiveness of online grooming, your first response as a parent might be: ‘It can’t happen in my home – can it?’ but your second response should be: ‘How can I make absolutely sure that it doesn’t?”

With Vox and global cybersecurity expert company Norton™, parents can exert real parental control by setting up tools to help your kids explore the Internet more safely.

Unpacking Online Grooming

In decades past, parents and caregivers worried about ‘flashers’ – perverts lurking around schools in long coats, who waited to suddenly give their young victims an eyeful that they weren’t expecting.

Today, the perverts are looking for the reveal to be the other way around – and the effects can be far more lingering and devastating.

Norton™ warns that, as part of the attempted grooming process: ‘…predators may spend months steadily getting to know their potential victims. They might start this process by contacting children as they play popular online games such as Fortnite or Minecraft.

‘…Once predators gain the trust of their victims, they will then steer conversations more often toward sexual topics and will eventually ask children to engage in sexual conversations, send explicit photos, or meet them in real life.’

Reports have also surfaced of cyber predators infiltrating another online game popular with kids, namely Roblox.

But there ARE ways to fight back – and in the Vox family, we’re definitely here to help.

The Danger Lurking Behind Everyday Apps

Vox has teamed up with Norton™, which provides industry-leading antivirus and security software for PC, Mac and mobile devices.

According to Norton, children today gravitate toward social media apps that allow them to connect easily with their friends. But these social networking apps and websites are also favoured by predators who use them to communicate with their intended victims.

Norton says that, in addition to online games, some of the apps that predators may use to communicate with children include WhatsApp, Snapchat, TikTok, Kik, Monkey, Whisper and Chat Avenue.

For any parent, it’s frightening to think about the multiple ways that predators can use technology to find and target their victims.

So let the experts take care of it for you.

What Norton and Vox can do for you

Vox has partnered with Norton to make industry-standard protections readily available to families with Norton Family and Norton 360 providing one app for many devices.

These tools don’t replace conversations, but they give you clear alerts, activity reports and the ability to set safe boundaries.

Smart monitoring allows parents to monitor search terms, videos and app downloads; receive alerts for unsafe behaviour; and get detailed activity reports.

In addition, options such as location tracking allow you to define safe zones for your children and receive real-time alerts if those boundaries are crossed. Children can share their location through the mobile app.

All of these safety features – and many more – are available from Norton’s comprehensive protection for your devices and online privacy.

Protect Kids from Online Predators at Home

UNICEF says that keeping children safe online also relies on parents and caregivers maintaining open communication; using technology to protect children; spending time with them online; and encouraging healthy online habits

Talk regularly and openly: Start conversations about online life the same way you’d talk about who your child plays with in the street. Ask gentle questions: who are your friends online? What games do you play? What apps do you use?
Agree house rules: Device-free zones (dinner table, bedrooms at night), time limits for play, and rules about sharing photos or personal information.
Use parental controls: Industry tools such as Norton Family and Norton 360 offer activity monitoring, content filtering, screen-time limits, location supervision and alerts for risky behaviour. These tools help you set boundaries while still allowing kids to explore.
Co-play and co-view: Sit with younger children while they play online and encourage older children to show you new apps and settings. This builds trust and gives you a live view of who they interact with.
Check privacy and friend lists: Make sure profiles are set to private, review followers and friends together, and remind children never to share addresses or phone numbers in chats.
Watch for signs: Increased secrecy, sudden changes in behaviour, new devices or new online friends that appear overnight are all red flags.

Balancing Safety and Privacy

Monitoring doesn’t mean spying. Explain to your child why you’re using parental controls and that the aim is safety, not punishment. As children grow, shift from more direct monitoring to regular check-ins and shared agreements about responsible online behaviour.

Quick checklist for parents and grandparents (bullet list for snippet targeting)

Have an open conversation about online risks this week.
Set simple house rules for devices and sharing.
Install parental controls and review activity reports weekly.
Make social profiles private and review friend lists together.
Know how to report abuse to the app/platform and to local authorities.
Keep devices in communal spaces for younger children.

Before our world became as digital as it is today, parents only had to worry about their children’s safety in the physical environment. Today, we have to be concerned about online predators that can access our homes through our digital devices.

This is all a lot to think about, so why not let Vox and Norton take care of it for you with our comprehensive and proactive suite of solutions?

We’re here to help you keep your children safe in the online world for as long as possible without becoming another statistic. Please click here for more information.

“Making the decision to have a child is momentous. It is to decide forever to have your heart go walking around outside your body.” ~Elizabeth Stone, author

Frequently Asked Questions

How can I tell if my child is being groomed online?
Look for signs such as secrecy around devices, sudden new friendships, unexplained gifts, changes in mood or sleep, or attempts to isolate the child from family. If a child is using private messaging apps or deleting chat histories, take note and ask open, non-judgemental questions.

What do Norton parental controls actually do?
Norton Family and Norton 360 provide content filtering, web and search supervision, screen-time controls, social media monitoring, location supervision and alerts for unsafe behaviour. They produce activity reports so you can spot potential problems early.

Will parental controls invade my child’s privacy?
Used thoughtfully, parental controls are a safety tool. Be transparent: explain why you’re using them, involve your child in setting the rules, and gradually reduce monitoring as your child demonstrates responsible behaviour.

At what age should I set up parental controls?
Start young, because even pre-schoolers benefit from basic content filtering and supervised access. For older children, combine tools with conversation and digital literacy lessons so they understand safe behaviour.

What should I do immediately if I suspect grooming?
Stay calm, listen to the child, preserve any evidence (screenshots, chat logs), report the account to the platform, and contact local authorities or child-protection organisations for guidance.

Where can I get help in South Africa if I need to report abuse?
Report serious threats to the police (SAPS) and the platform where it occurred. Seek support from child-protection organisations and trusted local counselling services.

Real Risks of Critical Infrastructure Cyber Attacks

Posted on 7 October 202521 October 2025 by Vivienne Fouche

No longer only in the movies…

There are very real cyberthreats lurking today, including critical infrastructure cyber attacks, and all organisations need to protect themselves. We tune into the movies and TV shows for entertainment – sometimes because we need a serious dose of escaping reality to forget about our challenges for a while.

And if we’re watching a thriller, when the film is over, we breathe a sigh of relief that what happened in it was much too far-fetched to have any actual connection to reality.

Perhaps viewers a couple of years ago were comfortable, while watching the 2023 American apocalyptic thriller ‘Leave the World Behind’, to think that they would be returning safely to reality when the credits finally rolled, because….

[Editor’s note: If you haven’t seen the movie, here comes a spoiler alert!]

…because a war was NOT actually being started outside the cinema by sinister forces who began by first destroying communication networks and critical infrastructure through a highly targeted cyber attack.

(If you haven’t seen the movie and want to know more, here’s a quick sneak peek at the trailer. The movie stars Julia Roberts, Mahershala Ali, Ethan Hawke and Kevin Bacon.)

Except that… attacks on infrastructure ARE becoming more commonplace in the real world, as Information Technology (IT) and Operational Technology (OT) systems become increasingly intertwined.

Let’s look at some real-life examples.

Why It’s real: IT and OT Convergence

One of the largest oil pipelines in the United States, the Colonial Pipeline in the eastern USA, went down in May 2021 for a few days because of a massive cyber-attack. It caused fuel shortages, panic buying and a temporary spike in gasoline prices.

The attack, from a Ransomware-as-a-Service (RaaS) operation named DarkSide, caused a four-day shutdown of the pipeline, after DarkSide’s operators had accessed the company’s IT network, stolen 100 gigabytes of data and encrypted several critical systems. A significant section of the eastern part of the country was affected, and Colonial Pipeline paid the hackers nearly $5 million as a ransom to finally regain control of their systems.

The Colonial Pipeline ransomware attack is considered to be one of the most significant attacks on critical national infrastructure in history.

So perhaps the moral of this particular story is this: Taking down critical infrastructure is not so far-fetched after all!

As for communications networks, cyber-attacks on telecommunications companies (telcos) can have far-reaching consequences. The nature of the information held on customers can put their personal safety at risk if it’s breached.

American telco giant AT&T has had its systems breached more than once. System breaches have also taken place on Tangerine in Australia, Kyivstar in Ukraine, Alphalink in France, Bharat Sanchar Nigam Limited in India… the list of international telcos that have been attacked just goes on.

Data breaches and service failures undermine customer trust and have a negative impact on reputations. The result is companies being hit with recovery expenses as well as a potential loss of future customer revenue.

Closer to Home: South African Incidents

South Africa has not gone unscathed as far as significant cyber attacks are concerned.

Transnet Attack: In July 2021, South Africa’s state-owned logistics firm, Transet, suffered a major ransomware attack that disrupted operations at ports and significantly affected the supply chain, demonstrating how ransomware can affect national economic activities. You could perhaps regard this as being SA’s own version of the Colonial Pipeline major critical infrastructure attack, because the results were also severe and far-reaching – in fact, Transnet declared a ‘Force Majeure’, meaning an event that cannot be reasonably anticipated or controlled.
Experian South Africa: In August 2020, this renowned consumer, business and credit information services agency experienced a data breach where a fraudster gained unauthorised access to the personal information of approximately 24 million South Africans and almost 800,000 (793,749) businesses. The exposed data included contact information and employment details.
National Health Laboratory Service (NHLS): When the IT systems of the NHLS were targeted by ransomware in 2024, all files on the affected computers and servers became inaccessible, leading to a halt in NHLS operations. In addition, 1.2 terabytes of data was stolen during the attack, including the sensitive medical information of millions of patients.
South African Weather Service (SAWS): In January 2025, the SAWS disclosed that its ICT-base systems were disrupted by an attack led by ransomware-as-a-service group RansomHub.

These are just a few examples of local cyber breaches in South Africa. Knowing the cause, impact and response to past data breaches can help businesses protect their own data – and bottom-line – by ensuring that they avoid the same pitfalls and mistakes.

Practical, Non-technical Actions Organisations Can Take

You don’t need to be a security expert to take sensible steps that reduce risk. Recommended actions include:

Develop and exercise an incident response plan and communications strategy so you can act fast when an event occurs.
Classify and prioritise critical assets and data to focus protection and recovery efforts where they matter most.
Conduct regular tabletop exercises with leadership, legal and communications teams to test decision-making under pressure.
Strengthen supplier and vendor oversight — downstream vendors can introduce supply-chain risk.
Train staff to recognise phishing and social engineering, the most common initial vectors for ransomware attack.
Consider cyber insurance and ensure coverage aligns with your operational risk profile.

It’s important to understand that kidnapping today is no longer only the domain of Somali pirates operating off the coast of Northeast Africa, using speedboats and machine guns to take over lucrative international cargo ships. Cybercriminals – like the Colonial Oil attackers – now ‘kidnap’ data, holding systems and companies to ransom until significant sums of money are paid.

No organisation wants to be in the media spotlight for the wrong reasons. Being aware of cyber attacks suffered by other companies can help your business to learn from these pitfalls and stay safe moving forward. Let’s go back to the movies to ponder that one a bit more closely:

“In my line of work, you have to understand the patterns that govern the world. It can help you see your future. And I knew something was coming.” – George H Scott, ‘Leave the World Behind’

Any business can be a victim of cybercrime. If you need help with cyber protection for your organisation, please contact Vox to see how we can be of assistance.

FAQs

What are critical infrastructure cyberattacks?
Critical infrastructure cyberattacks target systems that support essential services — such as energy, transport, health and communications — and can disrupt services, harm the economy and endanger the public.

How can I tell if my organisation is being targeted?
Common signs include unexplained system slowdowns, unusual login patterns, unexpected file encryption, or ransom notes. Prompt investigation and containment are vital.

What’s the difference between a ransomware attack and a data breach?
A ransomware attack encrypts and locks systems to demand payment; a data breach involves unauthorised access and exfiltration of sensitive information. Both can occur together.

How can smaller businesses protect themselves against these threats?
Smaller businesses should focus on basics: backups, an incident response plan, staff training, and assessing third-party risks — these steps significantly reduce exposure.

Does cyber insurance replace preparedness?
No. Cyber insurance can help with financial recovery, but it does not replace proactive measures like planning, training and asset prioritisation.

Cyber Attacks on Small Businesses

Posted on 1 October 202521 October 2025 by Suhail Dinat

Cyber attacks on small businesses are on the rise – why SMEs are more vulnerable to cyberattacks, and how to stay safe

When we think of cyberattacks, we often picture a giant corporation with hackers trying to break into a billion-dollar cyberdeck (we blame the movies). The truth, however, lies on the opposite end of the spectrum – cyberattacks on small businesses are rising.

Thi is mainly because many SMEs have limited budgets, outdated systems and minimal staff training. Put simply: attackers go where the doors are easiest to open.

Think of it like this: large corporates invest heavily in security teams and layers of protection. Smaller businesses are often leaner, making them attractive targets for opportunistic hackers. Below we explain why, and give practical, affordable steps you can implement right away.

Why small businesses are vulnerable to cyber attacks

Limited budget = limited defence: Large firms can afford dedicated security teams, regular audits and enterprise-grade tools. Most SMEs operate on tight margins, so security is often deferred. That can mean unpatched systems, basic antivirus only and no 24/7 monitoring — an invitation to attackers.

A false sense of security: Many small business owners assume they’re “too small to matter”. In reality, cyber criminals treat SMEs as low-effort, high-reward targets. Simple breaches multiplied across dozens of businesses still pay off.

Human error and lack of training: All it takes is a click. Yup. Just one innocent click from a person who doesn’t know better can take down an entire organisation. Employees without regular training often can’t spot scams, dangerous links, or social engineering tricks. Good habits are the frontline defence.

Weak Passwords and Outdated Systems: Is your team still using the hand-me-down PC that needed replacing about 4 years ago? And when was the last time anyone – ANYONE – updated their software? Nothing screams entry point like an unpatched system. Combine this with weak or recycled passwords, and you’ve basically left the front door open. Attackers scan for known vulnerabilities — if your systems aren’t updated, you’re presenting an easy route in.

Practical Steps Every SME Can Take Today

You don’t need a military-grade budget to reduce risk. Adopt these practical measures and you’ll significantly lower your exposure to cyberattacks on small businesses.

Maintain cyber hygiene

Keep operating systems and applications up to date.
Apply security patches promptly.
Use a password manager and enforce strong, unique passwords.
Enable multi-factor authentication (MFA) for all critical accounts.

Train your people regularly

Run short, frequent sessions on spotting phishing emails, suspicious links and safe browsing.
Make cybersecurity part of employee onboarding and monthly refreshers.

Backup and test backups

Use both cloud and offline backups for critical data.
Test restores regularly so you know your backups work when you need them.

Invest sensibly

Move beyond free antivirus. Affordable endpoint protection, email filtering and a good firewall make a big difference.
Consider managed security services if you don’t have in-house expertise — they can be cost-efficient for SMEs.

Have an incident response plan

Know who to call and what steps to take if you detect a breach.
Assign responsibilities, contact details and a communication plan to minimise disruption.

Quick Checklist — Low-Cost Steps to Reduce Risk Now

Update all systems and software this week
Enable MFA on business email and admin accounts
Start monthly phishing-awareness emails/trainings
Implement a password manager and roll out strong passwords
Schedule automatic daily backups and test restores monthly
Put an incident response contact list where staff can find it

It’s not that small businesses don’t face the same threats as larger ones, but rather they face them with far fewer defences – which is exactly what makes them such attractive targets. However, by combining the correct mindset with easy, practical steps, you can go a long way to reducing this vulnerability.

You don’t need to build Fort Knox – you just have to make sure your doors are locked in order to sleep at night.

Stay safe, stay secure, and stay cyber smart.

Vox has partnered with global cybersecurity experts Sophos for cybersecurity solutions and we are easily able to cater to the needs of SMEs – contact us to find out more.

Some Frequently Asked Questions

Are small businesses at greater risk of cyberattacks?
Yes. Many small businesses have fewer security resources and less training, making them easier targets. Attackers often target SMEs for the same reasons they target larger firms: for data, money or to use compromised systems as launch points.

What types of cyberattacks target SMEs?
Common attacks include phishing emails, ransomware, credential theft, business email compromise (BEC) and unpatched software exploits. Phishing and ransomware are particularly damaging for small businesses.

How much should an SME spend on cybersecurity?
There’s no one-size-fits-all number. Start with basic protections (patching, backups, MFA, endpoint security) and scale from there. Many affordable solutions and managed services are tailored to SME budgets.

How often should employees be trained?
Short, regular sessions (quarterly or monthly refreshers) are ideal. Frequent reminders, simulated phishing tests and clear reporting steps help keep awareness high.

What should I do immediately after a cyberattack?
Disconnect affected systems if safe to do so, preserve logs where possible, notify your IT/security provider and follow your incident response plan. Report significant breaches to relevant authorities and affected parties as required.

Are backups enough to protect my business?
Backups are essential but not sufficient on their own. They protect your data from loss and ransomware, but you also need preventive measures (patching, MFA, endpoint protection) and an incident response plan.

Costs of a Data Breach to Your South African Business

Posted on 1 October 202521 October 2025 by Vivienne Fouche

Money, reputation, customers: A cyberattack is costly in multiple ways

It’s estimated that cyberattacks will cost the South African economy R2.2 billion in 2025. That’s according to a recent Vodacom Business report, which revealed that 80% percent of South African businesses had experienced a cyberattack during 2024.

These are incredibly high numbers.

Firstly, the fact that 8 out of every 10 local businesses was attacked last year underscores the persistence and determination of cybercriminals as they attempt data breaches.

As for the resultant costs of a data breach – R2.2 billion – these add up in a number of different ways, both directly and indirectly.

Firstly, there’s the ransomware that must be paid if the cybercriminals succeed in breaching an organisation and encrypting its data. The attackers then demand a ransom to provide the decryption key and restore access, sometimes threatening to leak stolen data if the payment isn’t made.

Even if the organisation pays the ransom, this is not always a guarantee that the decryption key will be handed over. It seems that there isn’t always ‘honour among thieves’.

In addition, there will be incident response and recovery costs to pay, with significant expenses for hiring in consultants to carry out recovery efforts, forensic investigations and system restoration.

But these direct costs aren’t the end of the story – indirect costs are also incurred as a result of a successful cyberattack.

This includes through operational downtime, leading to lost productivity and revenue; reputational damage, causing potential new customers choosing to go elsewhere; and legal and regulatory costs, with companies facing possible fines from regulatory agencies for failing to protect sensitive data (and there may even be lawsuits from affected parties).

Costs of a Data Breach in South Africa

Over the past two years, advancements in artificial intelligence and machine learning have equipped cybercriminals to orchestrate and successfully execute sophisticated cyberattacks. From phishing, malware, ransomware, identity theft, hacking, social media fraud to social engineering, cyber threats are no longer simply a technology problem but a business problem.

South Africa is no exception – we were recently ranked as being the number 1 target for cyberattacks in Africa. No matter its size, every business is a possible target for cyberattackers[1].

Other frightening statistics include the following:

40% of ransomware attacks in Africa recently occurred in SA; and
We also claimed 35% of infostealer incidents across the continent.

Factors contributing to SA’s #1 position as most attacked country in Africa include:

A lack of cybercrime investment;
Ineffective law enforcement prosecution; and
Lack of awareness.

Cybersecurity incidents on government bodies, such as the South African Weather Service and the National Health Laboratory Service, and well-established brands like Dis-Chem, show how vulnerable local organisations can be in the face of these rising threat levels.

How to Reduce the Expected Cost of a Data Breach

Organisations that proactively reduce their attack surface and improve recovery capability materially lower the potential cost of a breach. Focus on four priority areas:

Prevent

Deploy layered defences (endpoint protection, firewall, email security and web filtering).
Train staff regularly on phishing, social engineering and secure practices.
Apply strong access controls and multi-factor authentication.

Detect

Implement continuous monitoring and logging to identify anomalous behaviour quickly.
Use managed threat detection services where in-house capability is limited.

Respond

Maintain a tested incident response plan with defined roles, communication templates and escalation paths.
Engage forensic and legal partners on retainer to reduce response time.

Recover

Ensure immutable, tested backups and documented recovery runbooks.
Use segmented network design and least-privilege policies to limit lateral movement.

Protecting Your Organisation from Cyberattacks

A firewall is your network’s first line of defence against the cybersecurity threats of the public internet. You could think of firewalls as the gatekeepers to the public internet for your network users, filtering out threats and enabling them to connect safely to the sites and applications where they need access to do their work.

Existing as both hardware and software, firewalls are designed to restrict access to your organisation’s sensitive data while helping you monitor your network for suspicious activity.

Too many organisations still see cyberattacks as an irrelevant global problem, not a high-risk local threat. It’s imperative to make sure that your company has the necessary defence mechanisms in place, starting with identifying the risks and implementing an incident response plan.

Contact Vox and Sophos to find out more about how we can assist you.

Frequently Asked Questions

What is the typical data breach cost for South African businesses?
Data breach cost varies widely, but South African firms face direct and indirect losses including ransom payments, recovery, legal fees and reputational damage, often totalling tens of thousands to millions of rand.

How does ransomware affect data breach cost?
Ransomware dramatically increases data breach cost through demanded payments, extended downtime, forensic investigations and possible double extortion, as well as the risk that paid ransoms do not yield reliable decryption.

Are small businesses in South Africa at risk of cyberattacks?
Yes, small businesses are frequent targets. This is because limited budgets, weak defences and lack of awareness make them vulnerable, increasing the likelihood of high data breach cost and reputational harm.

What are the most common cyber threats facing South African businesses?
Phishing, malware, ransomware, identity theft and social engineering are most common, driven by AI‑enhanced tactics and posing major challenges for cybersecurity South Africa across sectors.

How much does operational downtime add to the overall data breach cost?
Operational downtime can multiply losses through lost revenue, reduced productivity and contractual penalties, often matching or exceeding direct remediation costs in severe incidents.

Is paying a ransom a reliable way to restore data?
No. Paying a ransom is risky, because attackers may not provide decryption or may demand more, and paying can increase overall data breach cost and legal or ethical complications.

What indirect costs should businesses anticipate after a cyberattack?
Anticipate indirect costs like reputational damage, customer churn, regulatory fines, legal claims, increased insurance premiums and long‑term loss of market trust, all contributing substantially to data breach cost.

What practical steps reduce data breach cost and improve cybersecurity in South Africa?
Implement firewalls, regular backups, employee training, incident response plans and patch management; invest in monitoring and third‑party partnerships to lower data breach cost and strengthen cybersecurity South Africa defences.

[1] Source: Newzroom Afrika

Hot Promotions

Available in your area