Despite rapid advances in AI and security tooling, organisations remain vulnerable because fragmented environments, outdated systems, and tool sprawl undermine visibility and control — meaning cyber resilience depends less on new technology and more on disciplined execution and continuous governance. Dariel’s Sasha Slankamenac argues that businesses must shift from defensive, tool-centric security to outcome-driven resilience by consolidating systems, maintaining a real-time digital inventory, modernising legacy environments, and treating incidents as learning opportunities to reduce Mean Time to Detect and Respond.
Dariel’s Sasha Slankamenac says businesses must shift from defensive security to outcome-driven resilience
Johannesburg, South Africa – 20 NOVEMBER 2025 – As organisations race to modernise their digital operations, many still harbour the belief that more tools, more dashboards, and more AI will automatically make them more secure. According to Sasha Slankamenac, Architect in the Office of the CTO and Practice Lead: AI at Dariel, that belief is misguided.
“Security today isn’t failing just because attackers, are in fact, brilliant,” he explains. “It’s failing because environments have become so sprawling and fragmented that teams can no longer see what they own. You can’t protect what you don’t know exists and visibility, not volume, is the real battleground”
The security challenges that faced organisations in 2025 are increasingly tied to complexity:
- Shadow SaaS apps bought on company cards
- Forgotten cloud environments left running after projects end
- Legacy systems nobody wants to retire
- Dashboards multiplying faster than insights
Slankamenac says the first step to resilience is brutally simple: create a living, continuously updated inventory of the organisation’s digital estate. “Every other control — whether AI-driven or traditional — sits on top of that foundation,” he notes. “If your inventory is wrong, every dashboard, alert and risk model built on top of it is wrong too.”
Many organisations respond to rising threats by adding more tools. Slankamenac warns that this often creates security sprawl, where duplicated controls, overlapping features, and unintegrated data produce noise instead of protection. “Security tooling shouldn’t be a landfill,” he says. “If your teams are drowning in alerts, you're not safer — you're blind. Consolidation is the new strategy: fewer systems, shared data models, open integrations, and clear ownership.”
Slankamenac believes the biggest cyber shift of 2025 is cultural, not technical. Organisations are beginning to recognise that cybersecurity is no longer a specialised IT problem — it is a business resilience function. “Resilience grows when small incidents trigger learning, not blame,” he says. “A near-miss phishing email or a misconfiguration is not an inconvenience — it’s a rehearsal. The businesses that treat these moments as learning opportunities grow stronger every month.”
Instead of tracking abstract cyber metrics, he argues that the key measure for CEOs should be Mean Time to Detect and Respond (MTTDR) — the clearest indicator of readiness, fragmentation, and operational maturity.
Outdated systems are among the biggest security liabilities in South Africa. Unsupported platforms, brittle integrations, and ageing data pipelines create governance gaps and widen attack surfaces.
“Modernising isn’t a vanity upgrade,” he says. “It’s a security strategy. The longer outdated systems sit in production, the harder they become to secure — and the cost of that risk compounds quietly over time.”
While cybersecurity technologies continue to evolve, Slankamenac emphasises that the organisations thriving today are the ones focusing on execution. “Security isn’t about the next big tool,” he says. “It’s about consistently doing the basics well — visibility, integration, governance, recovery, and learning. Innovation is exciting, but discipline is what keeps businesses safe.” “We don’t focus on hype,” says Slankamenac. “We focus on clarity and control. That’s what makes security sustainable.” Ends.
About Dariel
Founded in 2001 on the principle of delivering solutions right, the first time, Dariel bridges the gap between human ingenuity and technology. Our strong client partnerships reflect a commitment to excellence and our consultative approach to software engineering makes us a trusted partner for innovative and sustainable tech solutions. Proudly independent, Dariel is part of the JSE-listed Capital Appreciation Group. https://www.dariel.co.za/
For more information:
Samantha Hogg-Brandjes | GinjaNinja | samantha@ginjaninja.co.za | +27-84-458-4857