Companies in South Africa and around the world must make better use of artificial intelligence if they’re to fend off malicious actors who are themselves harnessing AI to intensify their cyberattacks.
That’s according to Kerissa Varma, chief cybersecurity adviser for Microsoft in Africa, who was unpacking the findings of the 2025 edition of the company’s Microsoft Digital Defence Report (MDDR). The annual publication provides one of the most comprehensive snapshots of the global threat landscape, drawing on more than 100 trillion security signals collected daily and the work of 34 000 Microsoft security engineers worldwide.
Varma said data remains the prime target for attackers, with financial gain – not espionage – driving most incidents. Only 4% of attacks tracked globally in the past year were aimed purely at intelligence gathering. “AI is allowing attackers to do more and monetise quicker,” she said.
Microsoft’s research shows that business-e-mail compromise continues to be one of the most damaging attack types. Although the entry vector is limited, the financial fallout can be severe. Multifactor authentication still stops 99% of these attacks, yet adoption gaps persist.
AI is amplifying the threat. The report found that users are 4.5 times more likely to click on an AI-generated phishing e-mail than on a traditional one, with success rates jumping to 54% from 12%.
Attackers also use AI to analyse stolen corporate data and craft convincing, targeted messages within seconds, accelerating their ability to extract funds or further compromise systems.
Access brokers – criminals who sell initial entry into compromised networks to others – are also fuelling a booming “cybercrime-as-a-service” market. The public sector is the most affected by this activity, followed by consumer-product and professional-services firms.
‘Crypto agility’
The MDDR notes that South Africa accounted for 21% of all nation-state cyber incidents observed in Africa in 2025, matching Egypt as the continent’s most-targeted country. These attacks focused heavily on critical infrastructure such as energy and communications networks, underscoring the strategic value of local digital assets.
Microsoft urged organisations to shift from reactive defences to anticipatory, behaviour-based security models, and to elevate cyber-risk management to the boardroom level. Its 10 recommendations for 2025 include prioritising identity protection, investing in people as well as tools, mapping cloud assets, and preparing now for both AI- and quantum-era risks.
Read: Passwords are dying – here’s the tech that’s replacing them
Varma said companies should already be building “crypto agility” into their systems to cope with future quantum computing breakthroughs that could render today’s encryption obsolete. “We can adapt as quantum computers become more sophisticated – but only if we know where our encryption lives and have a playbook ready,” she said.
Despite the growing risks, AI also offers defenders a powerful advantage. Microsoft is embedding AI across its own security products to automate response, detect threats faster and identify detection gaps.
“It’s critical that companies adopt AI in cybersecurity,” Varma warned. “If we don’t, we’re fighting a losing battle. Attackers will scale AI over the next few years, and we have to get to the point where we’re using AI against AI.” — © 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.
