Cyber resilience in REITS

In the 2025 BDO Global Risk Landscape Report, cyber threats emerged as the top concern for business leaders globally. This aligns with findings from the Allianz Risk Barometer, which ranks cyber incidents—including data breaches and ransomware attacks—as the most significant risk facing South African businesses in 2025.

South African REITs are increasingly reliant on digital platforms for property management, tenant engagement, and financial operations. This digital evolution, while enhancing efficiency, has exposed the sector to a growing array of cyber threats—from phishing and ransomware to third-party supply chain compromises.

Recent cyber-attacks are definitely “wake up” calls for the sector.  These recent attacks have underscored the vulnerability of South Africa’s financial and property sectors:

  • Standard Bank (Nov 2024): Confirmed a data breach involving personal and financial information of clients. 
  • Telkom (Nov 2024): A franchisee employee leaked customer data to a third-party company, enabling fraudulent customer poaching
  • CIPC Database Hack (Mar 2024): Exposed usernames, passwords, and credit card details of South African business owners
  • Cyber Extortion Gang (Nov 2024): Claimed responsibility for attacks on financial institutions and credit bureaus, exploiting vulnerabilities in TransUnion, Experian, and XDS to infiltrate banks like Absa, FNB, and TymeBank

These incidents reflect a broader trend: South African businesses now face 2,113 cyberattacks per organisation per week, a 14% year-on-year increase. 

Cyber threats are not confined to South Africa. Globally, REITs and real estate service providers have faced increasingly sophisticated attacks, such as:

  • Brandywine Realty Trust (USA, May 2024): One of the largest REITs in the U.S., Brandywine confirmed a ransomware attack that encrypted its internal IT systems and disrupted financial reporting. Hackers stole files from its network, prompting system shutdowns and regulatory disclosures.
  • Rapattoni MLS System Hack (USA, Aug 2023): A cyberattack on Rapattoni, a major MLS system provider, caused widespread outages across the U.S., locking thousands of agents out of listing platforms and stalling property transactions.

These examples reinforce the need for REITs—both locally and globally—to treat cybersecurity as a strategic priority. The interconnected nature of real estate operations means that a breach in one system can cascade across tenants, investors, and service providers, creating an aggregate risk accumulation impact, which current capabilities sometimes lack the ability to identify and manage.

To make matters worse or not. With the introduction of AI, this could be a double-edged sword. AI is rapidly transforming the cybersecurity landscape—both as a powerful defense mechanism and a potential threat vector. For South African REITs, AI presents a unique opportunity to enhance cyber resilience, but it also introduces new complexities. AI fortification demonstrates great benefits in reducing cyber risk exposure as part of cyber defense capability; however, in terms of operational deployment, proper governance is required to manage its usage. 

On the defensive side, AI enables:

  • Predictive threat detection  - Machine learning models can identify anomalies and flag potential breaches before they occur. 
  • Automated incident response – AI-driven systems can isolate compromised networks and initiate containment protocols in real time.
  • Enhanced fraud prevention -  AI can monitor financial transactions and tenant interactions to detect suspicious behaviour. 

However, the same technology is being weaponized by cybercriminals:

  • Deepfake content can be used to impersonate executives or manipulate investor communications. 
  • Automated vulnerability scanning allows attackers to probe REIT systems at scale
  • AI generated phishing attacks are becoming convincing and harder to detect. 

The 2025 BDO Global Risk Landscape Report warns that as AI becomes more accessible, the sophistication of cyber threats will escalate. For REITs, this means cybersecurity strategies must evolve from reactive to adaptive and context aware—leveraging AI not just for protection, but for strategic foresight with cyber and operational resilience as the primary objective. 

The problem statement can also be framed through the lens of potential impacts, using the cost of data breaches and ransomware in South Africa as illustrative examples. For instance:

According to IBM’s 2025 Cost of a Data Breach report:

  • The average breach cost in South Africa is R44.2 million
  • The financial sector faces the highest costs, averaging R70.2 million per breach
  • Third-party compromises and phishing are among the most common attack vectors 

According to Sophos, the average costs of ransomware in South Africa are about R19.4 million, excluding expenses related to downtime, staff response time, device/network replacement, and lost opportunities.

For REITs, these figures translate into real risks—operational disruption, reputational damage, and regulatory exposure under POPIA and the Cybercrimes Act. 

It is important that REITs become resilient and use this as a competitive  advantage.   The Global Risk Landscape Report urges businesses to move beyond compliance and embrace anti-fragile strategies—those that thrive under uncertainty. For REITs, this means:

  • Embed cybersecurity and resilience fundamentals
  • Drive a proactive readiness posture
  • Cultivate risk management thinking and cyber-aware leadership culture
  • Investing in AI-powered threat detection and cloud security reinforcements
  • Strengthening vendor and supply chain oversight

In conclusion the REITs sector should be looking at turning risk into opportunity. Cybersecurity is no longer a technical issue—it’s a strategic imperative. As South African REITs navigate a volatile digital landscape, those who invest in resilience will not only protect their assets but also lead the sector into a more secure and sustainable future