Yesterday, it was World Password Day, and despite phishing attempts, ransomware attacks, and more than ever before, end users are not looking Taking cyber security very seriously.

Not only households, small businesses, large enterprises and multinational organizations are also guilty of failing to do enough. This is evidenced by State of Workforce Password Security 2026 ReportRecently released by Zoho, it contains some worrying statistics.

Some of the notable cybersecurity lapses are that 36 percent of organizations surveyed reported cyber attacks, the highest globally since Zoho released this report.

79 percent also said they lack full visibility into user identity and access.

Zooming in on the local level, the report also found that 71 percent of organizations lack a zero trust strategy, while 58 percent cited unmanaged third-party access as a major risk. As Zoho pointed out, this underlines “the complexity of securing modern IT environments.”

“South African organizations are operating in an increasingly complex threat landscape, yet many still lack visibility into who has access to critical systems and data. As identity becomes the primary security perimeter, organizations must prioritize strong access controls and password management to mitigate risk and support compliance,” Andrew Bourne, regional head of Zoho South Africa, shared in a release to Hypertext.

“The study identifies identity visibility as a central weakness in South Africa's cybersecurity posture. With 79% of organizations unable to fully track user access, businesses face ongoing challenges in enforcing password policies, monitoring privileged accounts and managing third-party access. Credential-based threats such as phishing and compromised passwords are driving a rise in security incidents, particularly in the financial services sector, which increases the sensitivity of data and the scale of digital operations. remains the primary target due to,” the company said.

Interestingly, AI is being projected as a savior for any of the above gaps in cyber security, with some organizations saying that it can easily solve any problems that may arise. Whether such thinking is well-founded remains to be seen, especially as big tech companies are now turning to frontier models to identify security gaps that other AIs could exploit.

“Although 73% of organizations plan to increase cybersecurity budgets and 87% believe AI can strengthen security outcomes, fundamental shortcomings remain. A significant portion of organizations have not yet implemented a Zero Trust framework, and identity governance practices remain inconsistent,” Zoho stressed.

With cybersecurity being in constant flux and requiring equally constant attention by businesses, Zoho emphasized that organizations need to take it seriously, starting with a Zero Trust strategy.

“The findings place South Africa at a critical point in its cyber security journey. While awareness and investment are increasing, closing the identity visibility gap will be essential to strengthening resilience, reducing cyber risk and meeting regulatory requirements,” it concluded.

(image – Photo by Rodion Kutsayev on Unsplash)

Get the tech news you want to read. Take our reader surveys and tell us how we can better help you.

Categorized in: