Stephan Gilliland Head of Information and Cybersecurity at CoCre8

In today’s hyper-connected world, cyberthreats evolve rapidly, posing significant risks to South African organisations across all sectors. From government to small businesses, no entity is immune to sophisticated attacks that can cause financial loss, reputational damage, and operational disruption. Continuous Threat Exposure Management (CTEM) is a critical strategy to proactively identify, assess, and mitigate these risks.

CoCre8 Technology Solutions, a leading South African cybersecurity provider, champions CTEM, leveraging Kaspersky Threat Intelligence and Kaspersky Digital Footprint Intelligence to protect organisations. Says Stephan Gilliland, Head of Information and Cybersecurity at CoCre8: “CTEM is a proactive approach to staying ahead of cyberthreats in a landscape where attackers constantly innovate.”

South Africa’s digital landscape is a prime target for cybercriminals. Kaspersky reported 66 million phishing link clicks in Africa in 2024, with ransomware and advanced persistent threats (APTs) remaining significant challenges. The country’s increasing digitisation and diverse economic sectors make it a hotspot for cyberattacks, from data breaches to supply chain attacks. Undetected attacks can persist in a company’s network for months, leading to severe consequences if not addressed promptly.

“CTEM provides a structured, ongoing process to identify vulnerabilities, prioritise risks, and implement remediation strategies,” says Gilliland. “Unlike traditional cybersecurity, which relies on reactive measures like antivirus software, CTEM focuses on continuous monitoring and adaptation.” This is crucial in South Africa, where organisations must navigate a complex threat landscape while complying with regulations like the Protection of Personal Information Act (PoPIA).

“South African businesses need to shift from reactive to proactive cybersecurity. CTEM enables organisations to anticipate threats, which is vital in a region where cybercrime is rampant.”

CoCre8 partners with Kaspersky to deliver robust CTEM frameworks, leveraging two key offerings: Kaspersky Threat Intelligence (TI) and Kaspersky Digital Footprint Intelligence (DFI). These solutions provide unparalleled visibility into the threat landscape, enabling organisations to stay ahead of cybercriminals.

Kaspersky Threat Intelligence offers real-time insights into attacker behaviours, tactics, techniques, and procedures (TTPs). It integrates data from Kaspersky’s global sensors, threat research labs, and expert analysts, delivering actionable intelligence across the incident management cycle. For South African organisations, this means access to detailed data on threats like APTs, ransomware, and phishing, which are prevalent in the region.

Recognised as a leader in the SPARK Matrix™ for Digital Threat Intelligence Management, Kaspersky’s solution stands out for its rich context and deep expertise. It combines malware detection, APT research, and a vast threat data collection to provide precise attribution and actionable recommendations. Says Gilliland: “Kaspersky’s contextualised intelligence, tailored to specific industries and regions, is a game-changer for South African organisations facing targeted attacks.”

For example, Kaspersky’s analysts recently uncovered a cyber espionage attack linked to the Chinese-speaking APT41 group targeting Southern African government IT services. By identifying specific malware indicators, Kaspersky’s Managed Detection and Response (MDR) team enabled swift mitigation, showcasing the power of real-time threat intelligence.

Kaspersky Digital Footprint Intelligence enhances CTEM by monitoring external threats across the Surface, Deep, and Dark Web. It identifies exposed digital assets, compromised credentials, and fraudulent activities that could harm an organisation’s reputation or operations. By tracking dark web forums, ransomware blogs, and shadow marketplaces, it detects references to a company’s data, enabling rapid response to potential threats.

The service’s uniqueness lies in its comprehensive coverage and real-time alerts. It tracks phishing websites, fake social media accounts, and malicious mobile applications impersonating a company’s brand, providing insights to prevent reputational damage. In South Africa, where phishing and ransomware are significant threats, this capability is critical. The service is also available to organisations as a managed security service providers (MSSPs) model, making it highly adaptable for South African businesses from a cost perspective.

Says Gilliland: “The Dark Web is a breeding ground for threats that can go unnoticed. Kaspersky Digital Footprint Intelligence gives our clients the visibility to act before a threat escalates.”

Why CTEM matters for South African organisations Implementing CTEM with Kaspersky’s solutions offers several benefits for South African organisations:

1. Proactive Risk Management: CTEM helps prioritise risks based on impact, reducing the likelihood of successful attacks.

2. Regulatory Compliance: CTEM ensures compliance with PoPIA by identifying and mitigating risks to sensitive data, avoiding fines and reputational damage.

3. Industry-Specific Insights: Kaspersky’s solutions provide tailored intelligence for sectors like finance, government, and industry, addressing South Africa’s diverse economy.

4. Cost-efficiency: Early vulnerability detection minimises the financial impact of cyberattacks, critical for small and medium-sized businesses.

5. Enhanced Resilience: CTEM fosters continuous improvement, enabling organisations to adapt to new threats and maintain business continuity.

CoCre8 Technology Solutions is dedicated to empowering South African organisations with CTEM strategies powered by Kaspersky. By integrating Kaspersky Threat Intelligence and Digital Footprint Intelligence, CoCre8 delivers a proactive, adaptive approach to cybersecurity. “Our partnership with Kaspersky ensures we provide world-class threat intelligence tailored to South Africa,” says Gilliland. “This allows our clients to focus on their operations while we safeguard their digital assets.”

As cyberthreats evolve, South African organisations must embrace CTEM to stay ahead. With CoCre8 and Kaspersky, businesses can build a resilient cybersecurity posture, protecting their operations, reputation, and bottom line in a hostile digital landscape.