US-based cyber security company AttackIQ has officially entered the South African market, marking a significant step in its global expansion. The firm has appointed cyber security expert Luke Cifarelli as its country manager to lead its operations locally.
Cifarelli highlighted South Africa and the broader African continent’s rapid digital transformation, which presents substantial opportunities alongside significant cyber risks. He noted a notable increase in high-profile security breaches affecting sectors such as financial services, critical infrastructure, and the public sector. This has led organisations to recognise that traditional security measures are insufficient, creating a rising demand for continuous validation and threat-informed defence strategies.
By establishing a local presence, AttackIQ aims to contribute to building a more resilient cyber security ecosystem in South Africa. The company was founded in 2013 by a team of pioneers in operationalising the MITRE ATT&CK framework. Its core mission revolves around providing defenders with a robust platform to continuously validate their security controls against real-world adversary behaviours.
Previously, AttackIQ’s products were accessible in South Africa through channel partners. Even before the official launch, several innovative South African organisations across finance, retail, and insurance sectors were already utilising the AttackIQ platform through these partnerships. Their positive experiences and the value derived from the technology demonstrated a strong product-market fit, prompting the investment in a dedicated local team.
Regarding future hiring plans, Cifarelli mentioned that the initial focus would be on establishing a solid foundation for customers and partners. As the client base expands and engagement deepens, increasing the local team will be a natural progression to ensure the delivery of top-tier support and value.
AttackIQ’s target market encompasses organisations of all sizes, including large enterprises in financial services, critical infrastructure, telecommunications, and mining, as well as mid-market companies and managed security service providers.