A new report has shown that South African organisations are seeing a sharp rise in deliberate, insider-driven data theft.
The 2025 State of Human Risk Report, released by Mimecast, found that 46 percent of the 200 South African firms surveyed reported a rise in malicious insider incidents. This is higher than the global average of 42 percent.
“From a South African perspective, a lot of the respondents have highlighted that they are certainly not prepared to deal with the expansion in what we like to call the attack surface explosion,” Heino Gevers, senior director of technical support at Mimecast, told TechCentral.
Rise in insider-driven data theft
This is not a one-off. The global share of organisations reporting increases in malicious insider incidents climbed from about 33 percent two years ago to roughly 42 percent. Yet only 28 percent of organisations combine regular security awareness training with continuous monitoring — a gap that allows suspicious behaviour to slip through unnoticed.
However, despite the rise in insider-driven data theft, security researchers are also warning that AI models and model-serving endpoints pose a new kind of threat — one that many organisations, including cybersecurity professionals, are not yet prepared for.
“It’s a new type of threat. AI models incorporate such meaningful information — it’s outside of normal data theft,” said Gevers. “Most organisations do not have the technology or the means to detect when these models are being stolen or exfiltrated. It is certainly going to be a new type of insider threat that we’re not used to, or certainly not prepared to deal with.”
Impact of cyber threats
TechMedia Africa previously reported, citing a report titled “AI & the Cyber Frontier: Securing East Africa’s Digital Future,” that a severe talent bottleneck has left 82 percent of African organisations unable to find qualified cybersecurity and AI professionals. This skill gap also carries significant financial consequences, as the continent lost $5 billion to cybercrime in 2025 alone.
The ‘AI & the Cyber Frontier: Securing East Africa’s Digital Future’ report also noted that East Africa is witnessing a rise in cybercrime, with Kenya losing KES 29.9 billion ($230 million) between April and June 2025. During the same period, the country recorded more than 4.5 billion cyber threat events.
Insider incidents are also costly and highly concentrated. Globally, organisations report an average of six insider-driven incidents per month, with an estimated cost of $13.1 million per incident.
The report further found that 91 percent of organisations struggle with governance over communications data, while 52 percent of South African respondents cannot find communication records quickly enough to meet legal or regulatory requirements, increasing legal and compliance risks after a breach.