Cyber Security Africa is an industry-leading Value Added Distributor with a single-minded focus – the mitigation of information security risk for our clients. We focus our attention on niche, generally complex and certainly relevant security solutions, aimed predominantly at enterprise and mid-market clients. We pride ourselves on being small enough to remain agile and large enough to apply a dedicated approach to each client experience.


This, backed by trusted international vendors and globally recognised channel partners, is what sets us apart from our competitors. Our consultative approach ensures we understand the long-term goal of our end-user’s, while maintaining collaborative relationships with our selected integration partners, thereby enabling us to provide effective long-term solutions.


A keen understanding of this ever-evolving Cyber Security industry, with all its technologies, innovations, threats and solutions positions us as “future-proof” to clients, while maintaining availability to attend to their more immediate needs.


Cyber Security Africa services the continent of Africa, ensuring invaluable local market knowledge and on-the-ground response. We have a presence in the following countries, South Africa, Kenya, Uganda, Nigeria, Ghana and Ivory Coast. Though Cyber Security Africa is a company, we pride ourselves on only taking on business we believe we can excel in.


As an industry-leading Value Added Distributor, we provide our full attention to each of our Vendors and only partner with the very best.



A penetration test is a simulated attack on a computer system that looks for security weaknesses, potentially gaining access to the system’s features and data.

Penetration Tests are needed  to test the security solutions in place and determine their effectiveness.

Red Teams are teams of hackers who with little information on the target asset attempt to mimic a real world attack on the asset. This provides valuable information on the asset as seen from an outside view.


  • Red Team Exercises
  • Capture the Flag
  • Social Engineering Testing
  • Web Application Exploitation
  • Infrastructure Testing


NIST SP 800 – 115 framework. Section 5.2 is the section that addresses Penetration Testing.


This penetration testing framework is useful for determining the following:

  • How well the system tolerates real world-style attack patterns
  • The likely level of sophistication an attacker needs to successfully compromise the system
  • Additional countermeasures that could mitigate threats against the system
  • Defenders’ ability to detect attacks and respond appropriately


Phases of Penetration Testing

  • Reconnaissance
  • Scanning
  • Gaining Access
  • Maintaining Access
  • Covering Tracks


These services benefit the view of the asset by:

  • Mimicking real attack scenarios
  • Providing Reals world data on the security of the asset
  • Comprehensive analysis on remediations and security procedures


Within the past few years, a number of new laws, regulations and standards have been created to ensure that organizations take responsibility for their information security.

Complying with these new rules can seem like a daunting task. If an organization gives compliance and proper information security enough thought, however, they will understand that what’s most important is embracing a strong methodology towards information security.

Once a strong methodology is developed and implemented, compliance becomes simply a task of mapping that methodology and its subsequent documentation to the expectations of the regulatory body focused on auditing the information technology infrastructure.


Technical compliance with South African and International Regulations

Regulatory consulting for possible solutions needed with respect to specific regulatory frameworks








  • Continuous Vulnerability Management
  • Vulnerability Reporting
  • Security Posture Assessment
  • Web Application Vulnerability Analysis
  • Cyber Security Assessment


Information Security Policy (ISP) is a set of rules enacted by an organization to ensure that all users or networks of the IT structure within the organization’s domain abide by the prescriptions regarding the security of the company


  • Building Policies and Procedures in consultation with the IT team and C Level
  • Creating controls for policies
  • Ensuring Policies secure the environment without impacting on business operations


  • Acceptable Use Policy
  • Clean Desk Policy
  • Data Breach Response Policy
  • Disaster Recovery Plan Policy
  • Digital Signature Acceptance Policy
  • Email Policy
  • End User Encryption Key Protection Policy
  • Pandemic Response Planning Policy
  • Password Construction Guidelines
  • Security Response Plan Policy
  • Ethics Policy


We offer 5 main frameworks to our clients.


Each framework dictates the method through which each branch of security services and technologies are delivered. This ensures that all services are delivered adhering to business industry standards and that the best steps are taken to mitigate against a cyber security threat.


International Standards Organization and internationally most common


US National Institute of Standards , compulsory for all US government organs


Centre for Internet Security, focuses on controls


Resource for Information Security Training - large amount of controls


Web application framework, most common internationally


The CIS Critical Security Controls are a relatively small number of prioritized, well-vetted, and supported security actions that organizations can take to assess and improve their current security state.


CIS Critical Security Controls are informed by actual attacks and effective defenses and reflect the combined knowledge of experts from every part of the ecosystem


  • CIS 20 Controls
  • Assess Current Security Maturity
  • Assess ability to survive an attack
  • Assess integrity of information should an attack occur


Managing Director

Martin Britz

Operations Director

Toni Bowker

Sales Manager Southern Africa

Gayle Britz

Senior Security Consultant

Mohammed Balogun

Business Development Manager

Dee Pockpass

Senior Security Consultant

Sherwyn Moodley

Senior Security Consultant

Christian Jeurissen

Sales Manager East Africa

Susan Ndungu

Security Consultant

Martin Charagu

Administrative Coordinator

Madelein Meyer