The major risk in 2025 that businesses can’t ignore

In today’s increasingly digital business environment, data breaches are a growing concern for companies of all sizes.
According to the latest Allianz Risk Barometer, cybercrime, which includes data breaches or ransomware attacks, and IT disruptions are the biggest worry for companies in South Africa in 2025.
The report notes that cybersecurity is now a top priority for companies in South Africa.
However, the issue is not only financial but also legal.
With the Protection of Personal Information Act (POPIA) in full effect, South African businesses are under pressure to ensure they have adequate measures in place to respond effectively to cyber incidents and protect sensitive data.
Daniel Pretorius, Partner, along with Senior Associates John Paul Ongeso and Songezo Ralarala at Bowmans South Africa emphasise the importance of being prepared and having a well-defined data breach response plan.
They warn that due to the high incidence of cyber incidents and data breaches, organisations must remain vigilant in handling sensitive and confidential data.
A robust Data Breach Response Team (DBRT) is crucial to mitigating the impact of a data breach.
According to the legal experts, the team should include a mix of professionals, including:
- Legal and compliance experts to ensure compliance with POPIA.
- Information technology and cybersecurity experts to investigate and address the cause of the breach.
- Communications and public relations professionals to manage stakeholder communications.
- Senior management to provide strategic direction and make critical decisions.
They said that the DBRT should have a clearly defined Data Incident Response Plan (DIRP) outlining the steps to be taken in the event of a data breach.
This plan should include:
- Contact details for the DBRT members.
- Procedures for breach detection and reporting.
- Incident classification and escalation procedures.
- Strategies for containment and eradication of the threat.
- Notification procedures for internal stakeholders, affected parties, and regulatory authorities.
- Post-incident review and continuous improvement mechanisms.
- Regular, mandatory training for all staff on data security and incident response protocols.
The legal experts highlight the effectiveness of these teams, stating that “DBRTs prove to be highly effective in the coordination of activities within entities themselves as well as in being a central contact point for internal and external stakeholders.”
“Forming a robust DBRT and developing a tailored DIRP can ensure that organisations are adequately equipped to coordinate responses to cyber incidents and data breaches and competently address these incidents in compliance with POPIA and applicable law.”
Overall, they urge businesses to take proactive steps in establishing their DBRTs and DIRPs without delay.
“Businesses would be well advised not to wait until it is too late, but rather to build their teams and plans without delay,” said the legal experts.
With the ever-evolving threat landscape, South African businesses are urged to prioritise data security and incident preparedness to protect their reputations, comply with regulations, and safeguard sensitive information.