The Breach Is in the Database

The pace of data breaches in South Africa has accelerated to a startling three‑hour cadence, underscoring a systemic blind spot: the database layer. While firewalls and endpoint tools dominate security budgets, attackers bypass these perimeters and infiltrate the data estate, where they can map schemas and siphon records over weeks without triggering alerts. Global studies echo this trend, with the 2025 IBM Cost of a Data Breach report noting an average 241‑day dwell time, a window that lets malicious actors harvest high‑value information in small, undetectable batches.

Regulators are responding with tougher enforcement. POPIA, South Africa’s data‑protection law, now treats inadequate database monitoring as a breach of statutory duty, imposing fines up to $0.53 million and criminal liability for egregious violations. The Information Regulator’s focus has shifted from perimeter defenses to proof of visibility at the data layer, demanding auditable logs, governed privileged access, and continuous vulnerability management. Companies that cannot demonstrate these controls face not only financial penalties but also reputational damage and mandatory breach notifications that can erode customer trust.

Addressing the gap requires four disciplined practices: real‑time monitoring of query activity, time‑bound governance of DBA‑level accounts, dedicated vulnerability management for database configurations, and tamper‑proof audit trails. Vendors that embed these capabilities into managed services or platform solutions stand to capture a growing market as organisations scramble to meet compliance and protect their most valuable asset—data. Ascent Technology, with its decade‑plus expertise in data platform governance, exemplifies the type of partner businesses will seek to secure the hidden heart of their enterprise stacks.