Misinformation and disinformation are significant risks for South African organisations, and can have a direct impact on their compliance efforts. 

This was the message from Alex Roberts, Regional Director at CURA Software, who was speaking at the first Compliance Institute SA (CISA) roundtable for 2023. 

Roberts unpacked the 2023 WEF Global Risks Report and highlighted that the report ranks ‘misinformation and disinformation’ as the 16th and 11th most pressing short-term and long-term risks to global organisations respectively. 

Using this graphic from the report as an example, he explains why businesses should place emphasis on misinformation and disinformation. 

 By mapping out the bi-directional relationships that risks have to each other, organisations can improve the impact of their risk mitigation activities. 

The South African context 

South Africa has many catalysts that lend themselves to misinformation and disinformation – including the load-shedding crisis, the trial of former South African president Jacob Zuma, the upcoming national elections, and the driving of political agendas. 

What’s more: StatsSA data shows that 83% of South Africa’s population has access to the Internet, and nearly half of the population is active on social media. In addition to this, Statista states that even though social media is the least trusted news source in the world, 68% of South Africa’s population depend on platforms such as Facebook and WhatsApp as their sole source of news. 

The lack of literacy among 30% of the population means that these users are susceptible to being tricked by misinformation and disinformation. The increasing use of cutting-edge technology like deep fakes negatively impacts their ability to identify and respond appropriately to fake news. 

 Watch the recap here 

How to use technology responsibly 

In his presentation at the CISA roundtable, Roberts outlined eight ways South African businesses can self-regulate their use of technology to avoid the spread of misinformation and disinformation. 

It is important that businesses take active steps to self-regulate, said Roberts, otherwise the government will eventually be forced to step in and could over-regulate to the detriment of the business community. 

 Roberts suggested that organisations take the following compliance steps: 

1. Third-party management – Ensure third-party vendors, contractors, and partners handle information in line with your organisations policies and procedures. 
2. Employee training – Equip employees to recognise and avoid spreading misinformation. 
3. Monitoring and reporting – Monitor the spread of misinformation within your networks and implement a system to report it. 
4. Risk management – Conduct regular assessments to identify potential vulnerabilities and take steps to mitigate these risks. 
5. Establish policies and procedures – Equip yourself to handle information effectively, including guidelines for verifying information accuracy. 
6. Compliance and enforcement – Implement processes for compliance that ensure employees and partners understand their responsibilities and the ramifications of their actions. 
7. Regular communication – Conduct regular dialogues with employees and partners about preventing the spread of misinformation. 
8. Continuous approach – Treat mitigating the risk of misinformation as a continuous process and adapt when necessary. 

 Link to original article: https://businesstech.co.za/news/industry-news/665173/fact-vs-fake-managing-the-risk-of-misinformation/