South Africa’s cybersecurity services industry is set for explosive growth, with market revenue forecast to R16.5-billion by 2029, according to BMI TechKnowledge Group’s SA Cybersecurity Services Report 2025.
The research projects a 20.3% compound annual growth rate, driven by accelerating digitalisation and particularly strong demand from the financial services sector.
Yet, while the threat landscape evolves, many companies remain reluctant to boost cybersecurity budgets. BMIT MD Chris Geerdts described artificial intelligence as a “triple-edged sword” – simultaneously used for attack, defence and, increasingly, as a new attack target itself.
Indeed, AI is fuelling deepfakes, automated phishing, data-stealing malware and disinformation, while threat actors have begun hijacking AI models inside cloud environments.
BMIT also highlighted a deepening “human factor” challenge, with staff behaviour and leadership attitudes remaining the weakest link. Despite rising awareness, many executives underestimate their exposure and resist making the organisational and budgetary changes required to improve security posture. Technical teams, meanwhile, often struggle to translate complex threats into business terms that resonate at board level.
The local market is fragmented, with around 2 500 firms offering cybersecurity services – many with overlapping or exaggerated claims of expertise. Severe local and global skills shortages exacerbate the problem, pushing companies to adopt managed security services models and automation to fill capability gaps.
Zero trust
Cloud adoption and zero-trust network access are reshaping how organisations manage security across dispersed systems. Endpoint protection technologies are forecast to show among the strongest growth segmentally, with 15.5% annualised expansion to 2029.
Looking ahead, the report warned that “shadow AI” – the unregulated use of generative AI tools inside organisations – has overtaken the skills shortage as one of the top three cost-amplifying breach risks.
Read: AI is rewriting cybercrime – and Microsoft warns companies are dangerously behind
BMIT concluded that cybersecurity has become a core business priority, not just an IT concern. Companies that move beyond “tick-box” compliance and embed security into their operational DNA will be best positioned to protect assets, maintain customer trust and compete in the digital economy. – © 2025 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.
