AS cyberattacks continue to disrupt industries worldwide, Jonathan Muvindi, an executive at South Africa’s WIRE Speed Systems Pty Ltd, is urging Zimbabwean businesses to strengthen their defences against digital threats.
The call comes amid a surge in cyber incidents across the country, exposing vulnerabilities in financial institutions, telecommunications, and even educational institutions.
In one notable case from 2021, a University of Zimbabwe student allegedly breached the institution's network, manipulating the system to assign housing, which reportedly earned him US$3 000.
Last year, two individuals allegedly siphoned off ZW$2 billion from Hwange Electricity Supply Company’s account, moving the funds into private accounts. More recently, in June, two men reportedly hacked into the system of cellular giant NetOne, stealing over ZWG1 million (around US$74 000) during Zimbabwe’s currency transition.
Rumours also circulated about a potential breach at one of Zimbabwe’s largest lenders, causing market jitters. Muvindi, in an interview with the Zimbabwe Independent, warned that these incidents underscore the severe risks businesses face.
“The evolving threat landscape presents significant risks to businesses, and organisations must proactively adopt cyber security measures and robust governance frameworks to protect their assets, data, and reputation,” he said.
“Cyber threats have become sophisticated and pervasive, making it essential for companies to understand the risks, put in place effective prevention strategies, and comply with relevant regulations to safeguard themselves from devastating attacks.
“Cyber security is about more than just technology, it's a holistic approach involving people, processes, and technology working together to minimise vulnerabilities and enhance resilience.”
- Hackers raid Hwange Electricity Supply Company’s bank account
- Businesses urged to bolster defences against cyberattacks
Keep Reading
Muvindi also pointed out that cyberattackers often target specific sectors, especially small and medium-sized enterprises (SMEs), financial institutions, healthcare providers, retailers, e-commerce platforms, government bodies, and critical infrastructure.
For these groups, he advised that a thorough cyber security strategy, incorporating technical safeguards and human factor considerations, is essential.
“Prevention is always more cost-effective than recovery! Recovery is not always guaranteed. In unlikely events of damage, it needs to be treated urgently with root cause analysis properly done and future proof measures taken immediately,” he said.
“Cyberattacks can lead to direct financial losses due to fraud; theft of funds, or ransom payments, recovering from an attack often involves hiring experts, deploying new technologies, and rectifying
systems.
“An attack can lead to a loss of trust with customers, partners, and stakeholders, resulting in a damaged reputation, long-term loss of customers and market share, particularly if sensitive data is leaked or a major service outage occurs.
“Failure to comply with data protection laws or breach notification requirements can result in significant fines and legal liabilities, legal actions from customers, partners, or regulatory bodies can lead to costly settlements,” Muvindi said.
ICT minister Tatenda Mavetera said threats were increasingly complex, and their potential impacts deeply interwoven into every facet of society, from national security to economic stability and personal privacy.
“This reality demands that our National Cyber Security Strategy be not only comprehensive and rigorous but also adaptable to future developments,” she told delegates at a workshop organised by the Postal and Telecommunications Regulatory Authority of Zimbabwe (Potraz).
“Our mission is clear: to deliver a document that will guide our nation effectively through these challenges, ensuring the protection of our citizens and our institutions.”
Mavetera said Zimbabweans needed to be mindful of the broader implications of the National Cyber Security Strategy.
“Zimbabwe is positioning itself as a proactive leader in cyber security within the region, and as such, this strategy should serve as a benchmark that other countries can look to for inspiration and guidance,” she added.
Lorreta Songola, Liquid Intelligent Technologies regional chief commercial officer, Central African Region said Zimbabwe's SMEs required a top-down cyber security risk management approach that can identify and address issues quickly.
“SMEs must keep an inventory of hardware, software, and sensitive data and identify potential vulnerabilities. Role-based access control to these records and assets is a good idea,” she said.