Cybersecurity Services
Practical, layered security sized for an Eswatini SME or parastatal budget — not a Fortune-500 one.
What this service is
The threat landscape facing Eswatini businesses is the same as the one facing organisations in Johannesburg, Cape Town or London — phishing, ransomware, business-email compromise, insider mistakes, lost laptops. What's different is the budget and the headcount available to defend against it. Busiquip's Cybersecurity practice designs layered defences sized for our local market: the controls that prevent the overwhelming majority of real-world attacks, deployed pragmatically, monitored continuously, and updated as threats evolve.
We focus on the controls that consistently show up in post-incident reports as the difference between a near-miss and a six-figure loss in lilangeni: email security, endpoint protection, identity hardening (especially multi-factor authentication on Microsoft 365), backup integrity, and staff awareness. We also align everything to the Eswatini Data Protection Act and POPIA where cross-border data flows are involved, so your auditors and the ECA have something defensible to read.
What we do
Email security
Anti-phishing, anti-spoofing, DMARC/DKIM/SPF enforcement, attachment sandboxing and link rewriting on Microsoft 365 and Google Workspace.
Endpoint detection & response (EDR)
Next-generation endpoint protection on every laptop, desktop and server — not the free antivirus that came pre-installed.
Microsoft 365 / Google Workspace hardening
A 5-day hardening sprint that lifts a typical Eswatini tenant from a Secure Score of 30 to 80%+.
Multi-factor authentication (MFA)
MFA rolled out across the workforce with conditional access policies — break-glass admin accounts protected separately.
Immutable backups
Backups that can't be deleted or encrypted by ransomware, with quarterly restore drills to prove they work.
Vulnerability management
Scheduled vulnerability scanning, patch management and a prioritised remediation queue — so unpatched software stops being the open door.
Security awareness training
Quarterly online training and simulated phishing campaigns — staff who learn to spot phishing in a safe test environment.
Incident response retainer
30-minute containment SLA on declared incidents. We own the response while you keep the business running.
Eswatini Data Protection Act alignment
Data inventory, lawful-basis mapping, breach-response procedures and the documentation auditors expect.
Our process
Assess
A 2-week posture assessment across identity, email, endpoints, backups, network and awareness. Output: a prioritised risk register scored on likelihood and impact.
Harden
Close the top five risks first — typically MFA, email filtering, EDR, backup verification and admin-role review.
Monitor
Ongoing EDR monitoring and monthly posture reports. Alerts triaged by our team, not dumped into your inbox to ignore.
Respond
Incident response retainer with a defined SLA. A containment call within 30 minutes of an active incident, an executive update within 2 hours.
What you get
Every engagement ends with concrete deliverables — you don't pay for slides, you pay for outcomes.
Engagement & pricing
Indicative pricing in lilangeni. Every project gets a fixed-scope quote once we understand your specific needs.
Essentials
MFA, EDR, email security, monthly reporting. For teams of 5 to 25.
Business
Adds awareness training, simulated phishing, vulnerability scanning and patching. For teams of 25 to 150.
Enterprise / Regulated
Adds 24/7 monitoring, incident response retainer with SLA, formal DPA / POPIA documentation. For financial services, healthcare and regulated sectors.
Where we've done this
A sample of cybersecurity services engagements with Eswatini businesses. Specific client details are kept confidential.
A financial services firm in Mbabane
Hardened M365, rolled out MFA to 80 staff and deployed EDR across the fleet — Secure Score moved from 32% to 87% in one week, and a real phishing attempt was blocked the following month.
A private hospital group
Implemented immutable backups, EDR and Eswatini DPA-aligned data-handling procedures across three sites.
A parastatal supplying government
Established an incident-response retainer and quarterly phishing simulations after a near-miss BEC attempt — staff susceptibility dropped from 28% to 6% in six months.
Frequently asked questions
How long does it take to harden a Microsoft 365 tenant?
Our standard hardening sprint runs 5 working days: MFA enforcement, conditional access, anti-phishing, audit logging, admin-role review and a baseline Secure Score lift from typical 30-45% up to 80%+.
Are you a Managed Security Service Provider (MSSP)?
Yes — for SMEs at our Business and Enterprise tiers we monitor your environment, triage alerts and handle incident response, so you don't need an in-house security analyst.
Do you handle the Eswatini Data Protection Act?
Yes. We map your data flows against the Eswatini DPA, align with POPIA where data crosses into South Africa, and produce the data inventory, lawful-basis register and breach-response procedures auditors and the regulator expect.
What about ransomware? Can we recover?
If your backups are immutable and tested (which is part of our Essentials tier), yes — you can refuse the ransom and restore. We run quarterly restore drills precisely so you don't find out backup is broken during an incident.
How fast do you respond to an active incident?
Enterprise / Regulated retainer clients get a 30-minute containment call SLA in business hours and a 2-hour SLA outside hours. We will be on the bridge before most internal teams have finished their first coffee.
Do we need a SIEM?
Not always. A SIEM helps once you have enough log volume and a team capable of triaging it. Most Eswatini SMEs are better served by managed EDR and email security first; SIEM enters the picture at the Enterprise tier.
Can you help if we've already been breached?
Yes. Incident-response engagements include containment, forensics, communication support, regulator notification and post-incident hardening. Call us first, then your insurer.
Related services
Strategic IT Consulting
Expert guidance to align your technology strategy with your business goals, ensuring optimal ROI and future growth.
Systems Integration
Seamlessly connect disparate systems and applications to improve workflow, data accuracy, and operational efficiency.
Digital Transformation
Modernize your business processes with innovative digital solutions, from cloud adoption to workflow automation.
Let's talk about cybersecurity services
Book a no-obligation conversation with a Busiquip specialist in Mbabane. We'll listen first and propose later.