CEO of NYSE-listed cybersecurity company Palo Alto Networks Europe, Middle East and Africa helmut risinger has said that the company will continue to invest in its technological and service capabilities in South Africa as part of its continued investment in Africa.
The company has identified a strong dynamic for the provision of cyber security services to businesses, industries and governments on the African continent and has developed growth plans for Africa.
Palo Alto is building its team and capabilities in South Africa under Anglophone Sub-Saharan Africa MD Justin Lee And has partnered with hyperscale cloud companies to be ready to provide their services in the country.
The company was also engaging with government departments on cyber security and critical infrastructure protection. Lee said some departments have already asked him to provide advice and recommendations on a number of issues that are part of the country's move towards e-government systems.
As part of this strategy, local investments will be matched by investments made in Nairobi in Kenya and Lagos in Nigeria, Risinger added during Palo Alto's annual Ignite Tour customer engagement event in Midrand on Feb. 26.
African companies and countries have been targeted by the same cybersecurity threats and attacks that other countries have faced, Lee said.
He said African businesses, industries and governments must deploy digital technologies to provide services demanded by customers and citizens, but must do so safely to be sustainable and effective.
Palo Alto's vice president and chief security officer said the number of threats organizations were facing was accelerating with the use of AI tools, enabling threat actors to create customized ransomware programs within 25 minutes, compared to four days a few years ago. Haider Pasha told.
However, AI is similarly boosting cybersecurity, with nearly 70% of customers using Palo Alto's Customer Security Operations solution being able to detect and respond to cyber threats in less than 15 minutes.
“This is essential. Traditionally, a few years ago, it took about two to three weeks for a threat actor to develop an understanding of a specific vulnerability and create a customized code to exploit it.
“Currently, one-third of vulnerabilities are being exploited within 24 hours due to the use of AI tools and capabilities by threat actors,” he said.
The barriers to entry for attacking an organization were also lowered. Attackers no longer need sophisticated environments and are using tools available on the dark web and generic AI programs to attack organizations, Pasha said.
However, Palo Alto has been using machine learning, which identifies patterns within datasets, for the past 13 years, and uses AI in its cybersecurity research and systems, Pasha said.
In response to a question, Risinger explained that the company's use of AI was centered around automation and analytics and that all responsibility lay with and under the control of personnel.
The use of AI in security operations centers is enabling faster detection and response, and automation allows cybersecurity teams to focus on strategic and prioritized work and creating responses to new anomalies.
Pasha said some estimates have shown that the use of AI tools saves individual team members five to ten hours of work a week.
Additionally, part of Palo Alto's goal in South Africa and its other African territories was to provide 'platformization' to companies, taking a company from using separate security solutions and tools to using Palo Alto's platform to manage all the tools and solutions in an organization, Risinger said.
Some security operations center teams in South Africa have to manage and protect 57 different digital tools from 16 vendors for their organizations, said the Palo Alto South Africa technology solutions manager. Adrien Joubert.
Each of these tools may be the best, he said, but monitoring and patching such a diverse set of digital tools for different corporate functions reduced the speed of response of security teams at a time when greater speed was needed to protect organizations.
Several years ago the average time from when an organization's network was compromised to when data was exfiltrated or when an attack was launched was nine days.
The current average was about a day for a compromise and then exfiltrating the data or launching an attack, Risinger said, with the shortest time ever found being 72 minutes.
Additionally, digital identities were the new frontier in cybersecurity, with nearly 90% of the incidents investigated in Palo Alto last year resulting from them being used to steal victims' identities and launch attacks, Pasha said.
The explosion of digital identities is one of the emerging challenges that organizations and their cybersecurity teams grapple with.
Current estimates suggest that the ratio of digital identities for virtual machines and digital processes compared to digital identities for people is 82-to-1 for every machine identity used by a human.
With the rise of agentic AI systems, which act as semi-autonomous agents and have short-term and long-term storage and reasoning capabilities, expect to grow potentially thousands of digital identities for machines rather than people over the next few years, he said.
The purpose of Palo Alto's platformization was to reduce these complexities for organizations, Lee said, and a major benefit of consolidation for organizations was that it created a single data lake for an organization.
“A single data lake for cybersecurity telemetry also leads to better security outcomes and increases an organization's resiliency. Cybersecurity is a data issue and it needs to be done in real time,” Risinger said.
Lee said, “We continue to strategically invest in Africa as a promising growth region. Our goal is to work safely with large organizations and companies, help them reduce noise, and partner with them for the long term.”