Sithembile Songo, the Chief Information Security Officer (CISO) at Eskom, is at the forefront of protecting South Africa’s critical power utility from a staggering number of cyber threats. With up to one billion attempted cyber incidents each month, Songo’s role is crucial in safeguarding the infrastructure that generates approximately 95% of the country’s electricity.
In a recent interview, Songo emphasized that cybersecurity cannot be an afterthought, especially in an era where cybercriminals increasingly target essential services. With over 20 years of experience in cybersecurity, she leads efforts to maintain Eskom’s overall security posture, focusing on advanced technologies and strategic defenses.
Songo highlighted the prevalence of ransomware attacks, particularly against operational technology (OT) systems, which are often vulnerable because they run on outdated legacy technology. “Cybercriminals know these systems were not designed with security in mind,” she explained. In 2023 alone, ransomware attacks accounted for over 100,000 of the attempted cyber incidents that Eskom successfully blocked.
The challenges are significant, as South Africa ranks as the eighth most targeted country for ransomware globally. In 2022, more than half of South African firms reported being affected by cyber incidents. Songo noted that during periods of load-shedding, Eskom has blocked as many as two billion cyber threats in a single month, underscoring the scale of the challenge.
One of the critical aspects of Songo’s strategy is managing third-party risks. Cybercriminals often exploit vulnerabilities in third-party providers to gain unauthorized access to networks. “It’s essential to ensure that our cybersecurity strategy adequately covers third parties to prevent them from introducing risks,” she stated.
To combat these threats, Eskom has invested in artificial intelligence (AI) and machine learning technologies. Songo explained that these tools are vital for real-time detection and response to advanced cyber attacks, which can sometimes bypass traditional security measures. “AI and machine learning are not just nice-to-haves; they are essential for our operations,” she said.
In addition to enhancing security measures, Songo is passionate about increasing gender diversity in the cybersecurity field. She acknowledged that the industry has been slow to attract women, describing the current state as “appalling.” Songo believes that fostering diversity is crucial, especially as AI technologies can sometimes be biased towards male perspectives.
“We need to create platforms and mentorship programs to encourage young women to pursue careers in cybersecurity,” she urged. Songo’s own journey into the field began later than ideal, and she advocates for introducing cybersecurity education at earlier stages in academic programs.
Despite the challenges, Songo finds her work rewarding. “You never get bored in cybersecurity; there are always new challenges that present opportunities for innovation,” she remarked. Her commitment to the field is evident as she continues to lead Eskom’s efforts to fortify its defenses against an ever-evolving landscape of cyber threats.
As Eskom navigates these high-stakes challenges, Songo’s leadership and vision will be pivotal in ensuring the security of South Africa’s critical infrastructure, while also paving the way for greater inclusivity in the cybersecurity sector.