Home Pricing Archive About Privacy

Cyber Risk Management in Gauteng Metros

📑 5 slides 👁 3 views 📅 1/28/2026
0.0 (0 ratings)
Download

Cyber Risk in Gauteng Metros

Legacy systems & configuration drift create 114 unique vulnerabilities (26 critical) across 550 IPs

Cyber Risk in Gauteng Metros
2

Root Causes of Exposure

  • Legacy systems: Unsupported OS/DBs with insecure defaults and no hardening baselines
  • SQL governance gaps: Excessive privileges & weak authentication enable silent compromise
  • Vulnerability backlog: Large critical/high findings with incomplete coverage
  • Supplier issues: Insufficient cyber assurance evidence & weak contract performance proof
Root Causes of Exposure
3

Enforcement & Accountability

  • Audit enforcement: Significant deficiencies require evidence-based closure
  • Evidence discipline: Target zero scope limitations next audit cycle
  • Tone at the top: Governance must drive outcomes, not just policies
  • Definition of done: Hardening standards, access recertification, supplier SLAs
Enforcement & Accountability
4

12-Month Improvement Plan

  • 0-3 months: Publish hardening baselines, remove high-risk exposure, close critical vulnerabilities
  • 3-6 months: SQL privilege reduction, quarterly access recertification
  • 6-9 months: Extend SOC visibility, segment legacy systems, formalize lifecycle decisions
  • 9-12 months: 40-60% vulnerability reduction, MTTR ≤30 days, zero scope limitations
12-Month Improvement Plan
5

Call to Action

  • Current vulnerabilities require immediate remediation and governance oversight
  • Supplier contracts must include enforceable cyber SLAs with evidence packs
  • Progress will be measured through vulnerability reduction and MTTR metrics
  • This trajectory converts audit findings into measurable control improvement
Call to Action
1 / 5