18 Aug 2025 - In today's rapidly evolving threat landscape, cybersecurity leadership is more critical than ever. The latest ESET Threat Report H1 2025 uncovers the sophisticated nature of modern cyber threats, from skyrocketing “evil twin” mobile fraud to disruptive social engineering tricks. As organisations grapple with these challenges, leadership strategies become crucial in cultivating a security-focused organisation.
ESET’s H1 2025 findings reveal alarming global and regional trends:
- A 160% surge in Android adware infections, especially driven by the “evil twin” malware called Kaleidoscope, highlights the danger of mobile-focused threats.
- The emergence of ClickFix, a deceptive social engineering technique that surged in prevalence by over 500%, now ranks as the second most common attack vector after phishing attacks.
- A volatile ransomware environment, where attacks and active gangs have increased, yet ransom payments have dropped. This reflects criminal infighting, law enforcement takedowns, and eroded trust.
The South African Reality
While phishing accounts for 28% of threats globally and 31% of threats in Africa, South Africa faces an outsized crisis. 52% of all detected threats in the country are phishing-related, earning it the title of “phishing capital of the cyber world.” This makes phishing nearly twice as prevalent in South Africa as in the rest of the continent.
ClickFix is also a growing concern in SA, making up 6.8% of threats across Africa, a statistic driven by high levels of user trust in CAPTCHA and “verification” prompts. The prevalence of these attacks in Sub-Saharan Africa underlines the need for targeted awareness campaigns and leadership-driven prevention strategies.
This data shows that Sub-Saharan Africa and South Africa in particular are on the front lines of cybercrime. Leadership in local organisations cannot afford to simply follow global security models; they must address these specific, regional threat dynamics.
Why Leadership Matters: Strategies for a Security-Focused Organisation
1. Embed Security in Vision and Culture
Creating a security-first mindset within your company establishes a strong vision around cybersecurity. Leadership must consistently emphasise security as foundational, not peripheral, particularly in South Africa, where phishing dominates. This means weaving awareness into daily routines, communications, and performance metrics.
2. Prioritise Continuous Education & Awareness
As threats evolve, awareness training must keep pace. In South Africa, this means going beyond generic phishing simulations and educating employees on the specific phishing patterns used, as well as social engineering ploys like CAPTCHA and mobile “verification” scams.
3. Implement Agile, Robust Policies
Effective cybersecurity policies involve flexible yet enforceable frameworks for mobile device management, incident response, encryption mandates, and access controls. Given the high phishing rate, policies should include strict email and web filtering protocols, as well as multi-factor authentication to mitigate stolen credential abuse.
4. Invest in Advanced Tools & Strategic Partners
Leaders should prioritise investment in the latest tools and regionally informed threat intelligence. The ESET MSP Program enables organisations to partner with a trusted provider that delivers managed security services with daily billing and monthly invoicing, a unified console, automation options, and seamless RMM/PSA integrations.
By working with a managed service provider, organisations gain scalable, expert-driven cybersecurity, particularly valuable in Southern Africa, where threats are uniquely concentrated and fast-moving.
5. Foster Collaboration and Incident Readiness
The ransomware turmoil highlighted in the report is marked by gang feuds, law enforcement intervention, and payment declines, a reminder that chaos can be sudden. Leadership should conduct threat-specific drills, including scenarios for large-scale phishing campaigns targeting local industries.
6. Proactive Intelligence & Sharing
Operating in silos limits resilience. It’s vital to participate in threat intelligence sharing forums and stay connected with locally relevant sources. In Sub-Saharan Africa, this means collaborating not just with peers in the same sector, but also with cross-industry partners facing similar phishing and social engineering threats.
Steps Leadership Can Take to Build a Cybersecurity Culture
- Outline clear security priorities that address local threat realities.
- Deploy tailored awareness programs simulating phishing, mobile fraud, and ClickFix-style social engineering.
- Establish adaptive policies covering device, network, and mobile usage.
- Engage MSPs for scalable, expert-driven support like ESET’s MSP Program.
- Run incident drills for phishing and ransomware scenarios.
Leverage both global and African threat intelligence, and share insights internally and externally.
Why This Approach Works
- Cohesive security ethos – When leaders model and prioritise security, it becomes embedded across teams.
- Adaptive resilience– Training and policies that address both global and local threats keep organisations ahead.
- Operational agility – Trusted MSPs provide scalable and automated solutions.
- Incident readiness – With local intelligence and preparation, organisations can respond faster and more effectively.
In the face of escalating threats, leadership must anchor security as a strategic imperative. By cultivating a security-first mindset, investing in awareness, policies, tools, partnerships, and exercising readiness, leaders pave the way for a truly security-focused organisation.
References & Resources
- ESET Threat Report H1 2025
- ESET MSP Program
- ESET South Africa Threat Report