Features

One of the things you’ll hear repeatedly in cybersecurity circles is that you can’t protect what you can’t see. It sounds obvious and yet TrendAI Africa’s threat detection data in EMEA for the second half of 2025 found that the top risks it detected were not sophisticated intrusions or novel malware, but risky cloud app access, stale or dormant identities, and multifactor authentication (MFA) that hadn’t been switched on in cloud environments.

TrendAI said these oversights aren’t difficult to address, but no one in the business knew they were there. Every cloud account, SaaS application, API integration and third-party tool an organisation has ever provisioned is a potential entry point and the average organisation has far more of them than anyone has documented. “Everyone’s watching the firewall,” says Christo Coetzer, CEO of BlueVision. “Organisations tend to manage what they’ve deliberately built, but the attack surface includes everything else too.”