Edition November 2025

With the alarming rise in cyber-attacks threatening national security and personal privacy, South Africa faces an urgent challenge – and Dr Jabu Mtsweni is on the frontlines.

As the Head of the Information and Cyber Security Research Centre and a Chief Researcher at the Council for Scientific and Industrial Research (CSIR), he leads a dynamic team of researchers, technologists and software developers who are dedicated to outsmart cyber criminals through a strategic, multi-pronged approach aimed at protecting the country’s digital infrastructure and sensitive information.

In a recent Interview with Public Sector Manager magazine, Mtsweni said his career highlight was “the opportunity to establish and grow the Information and Cyber Security Research Centre at the CSIR”. Taking on this responsibility in 2019, Mtsweni started with a nascent team and centre, but through impactful leadership, it has grown the annual revenue to over R100 million and expanded his team from 30 to close to 90 personnel.

Innovative solutions

He acknowledged that cybercrimes and identity theft are a challenge globally, but he leads a team that works tirelessly to combat this in South Africa through innovation. One of the team’s innovations is the Virtual Cybersecurity Operations Centre (VSOC), which provides real-time monitoring and threat mitigation, “helping the public and private sectors to quickly respond to cyber threats and attacks,” he explained.

The VSOC operates 24/7, providing detection, analysis and investigation of cyber threats. It also provides services like incident handling, security posture analysis, and reporting. This directly improves service delivery by ensuring organisations can maintain compliance and quickly respond to potential threats. Within the VSOC, there is the Indigent Registers System, which helps municipalities with reliable and accurate administration of their indigent registers – a crucial aspect for improving service delivery to vulnerable communities. It includes a national portal for enrolment, self-service kiosks and handheld devices for mobile identification and verification. The system has been piloted in several municipalities in Gauteng and North West, where it has shown significant relevance.

Improving service delivery

The system also offers the following:

• Fraud prevention: It helps municipalities detect fraud and ensures that only deserving households receive essential free basic services.
• Improving data integrity: The system addresses the challenge of unreliable data, allowing for more efficient and effective service delivery.
• Empowering communities: By streamlining the application and verification process, it makes it easier for indigent households to access the services they are entitled to.

Combating identity theft

To directly combat identity theft, Mtsweni and his team developed the patented VeristicPrint biometric system, which makes it difficult for criminals to commit fraud.

They have also created advanced digital forensics and cybercrime combatting platforms that assist law enforcement agencies.

The CSIR also collaborates with government departments and institutions to strengthen national security and digital resilience to build cybercrime investigation capabilities, investigate and mitigate complex digital crimes.

The CSIR's Centre for Information and Cybersecurity also provides strategic support to various law enforcement agencies to ensure they remain competent in combating cybercrime.

“These technological solutions are complemented by our strategic partnerships with key institutions, including the South African Police Service and the Special Investigating Unit, to provide the technical expertise needed to combat sophisticated cybercrimes,” explained Mtsweni.

In addition, the CSIR works with the Department of Science, Technology and Innovation to develop local cybersecurity capabilities, as well as with the Cybersecurity Hub to conduct national cybersecurity surveys and support citizens and private sector to deal with cybercrime and incidents.

Recognition

Over the years, Mtsweni has won several awards, and this serves as a testament to his commitment to both scientific advancement and fostering the next generation of leaders.

These include the Emerging Leader Award at the CSIR Excellence Awards in 2016, the Best Paper Award at the South African Institute of Computer Scientists and Information Technologists Conference in 2018, the Chief Researcher Award in 2023, National Research Foundation-Rated Researcher (C2), being named one of the Top 50 Cybersecurity Professionals in South Africa in 2024 and being awarded a prestigious NSTF-South32 Award at the National Science and Technology Forum in 2025.

Groundbreaking research

Based on the national cybersecurity surveys released by the CSIR at the end of 2023/24 – conducted and published under Mtsweni’s leadership – South Africa faces a significant challenge in its cybersecurity posture.

These were among the first surveys of their kind by the CSIR. Key findings shared by Mtsweni reveal the current state of cybersecurity in the country.

• Prevalence of Cyberattacks: 47% of organisations reported between one and five cybersecurity incidents in the past year. A concerning 88% of organisations admitted to at least one security breach, with 90% of those being targeted multiple times.
• Preparedness and Awareness: Only 32% of organisations indicated that more than half of their employees have received cybersecurity awareness training in the past year. Just 41% are assessing and monitoring cyber threats daily, exposing a critical gap in detection and response.
• Skills Gap: The cybersecurity skills shortage remains a major challenge, with 63% of cybersecurity roles across the country either partially or entirely unfilled.
• Common Threats: Malware and phishing attacks were identified as the most common cyber threats faced by organisations.

Mtsweni advised public institutions to identify potential risks before they lead to a full-scale cybercrime event, to uncover hidden vulnerabilities and threats that may have been missed by other security tools.

“Public institutions should consider performing proactive digital forensic readiness and vulnerability assessments. While the exact frequency can depend on the institution's risk profile, budget and regulatory requirements, a good practice is to conduct these assessments annually or bi-annually as part of a comprehensive cybersecurity audit”.

He added that digital forensic investigations should be performed immediately and as a standard procedure in the aftermath of any security incident, such as a cybercrime, data breach or network intrusion.

Leading in protecting information and cybersecurity

Citing recent global reports and indices, Mtsweni said South Africa is considered one of the leading countries in Africa in terms of protecting information and cybersecurity, though it still faces significant challenges compared to some developed nations.

According to the International Telecommunication Standards Global Cybersecurity Index 2024 report, South Africa has been placed in Tier 2, categorised as "Advancing" in its cybersecurity maturity behind seven other African countries.

“Other reports, such as one by Statista, have also placed South Africa as the 4th most prepared country in Africa to fight cyberattacks. While South Africa is one of the leaders on the African continent, it still has work to do to reach the same level as global leaders in cybersecurity,” he said.