Cybersecurity & POPIA

POPIA is in full effect, and South African SMEs are squarely in the firing line. Most do not need an enterprise security operations centre. They need to know where they are exposed, fix what matters most first, and have someone who knows their system to call when an incident happens. We handle security the way we handle everything else: in plain language, by the engineers who do the work, priced for a small or medium business rather than a bank.

Penetration testing

We test the way an attacker would, across web applications, networks and the human layer, then write it up so your team and your board can both follow it. Every finding is ranked by real-world risk and paired with a remediation plan you can action, not a thousand-line scanner dump you have to decode.

POPIA and GRC

POPIA compliance is practical work, not a legal mystery. We run a gap analysis against where you stand today, produce the policies and data-processing records you are required to hold, map where personal information lives and who can reach it, and leave you with a plan you can maintain. Administrative fines under POPIA reach R 10 million, and the Information Regulator is now acting on complaints, so this is no longer something to put off.

Test

Ongoing cover

For businesses that want more than a one-off, the SME resilience package folds the work into a single retainer: quarterly vulnerability scans, an annual penetration test, a POPIA review, managed endpoint protection, security awareness training that changes how staff behave, incident response support, and a monthly report you can read. When something does go wrong, you reach the same engineers who know your setup, not a stranger reading from a script.