The tailwind to the digital economy was a rare silver lining to the pandemic. But the digital boom had a hefty price to pay- a whole new world of cyberattacks. In Q1 of 2020, Amazon Web Services (AWS) reported the largest ever Distributed Denial of Service (DDoS) attack. In one of the recent reports, Nvidia, the world's largest semiconductor chip company, was compromised by a ransomware attack. The company confirmed that the threat actor had started leaking employee credentials and proprietary information online.

South Africa was one of the countries severely hit by the pandemic. The country's cybersecurity infrastructure was also tested vigorously since the pandemic began. Last month, the first reports emerged that Transnet, a state-owned enterprise, was experiencing issues with its IT networks. Transnet manages the nation's rail, port, and pipeline infrastructure. The disruption primarily affected operations in several container terminals, interrupting cargo movement. A few days later, Transnet confirmed it had suffered a cyberattack.

Given the flaring amount of cyberattacks, it's high time the country coordinates its efforts. It's a great omen that South Africa's Information Regulator published a notification template and guidance to facilitate reporting security compromises in section 22 of the Protection of Personal Information Act (POPIA). According to the notification, the organizations must notify data subjects and the Information Regulator as soon as an unauthorized party has unlawfully accessed or acquired personal information. The Information Regulator is empowered to investigate such incidents. This will significantly help the businesses in the country coordinate their fight against cyberattacks.