Services Solutions Approach Pricing Contact Free Review
Cyber Security · AI Governance · MFA Services

Secure Identity.
Govern AI Risk.

MDHG helps South African businesses strengthen cyber resilience, enforce modern access controls, and govern AI adoption with practical assessments, MFA services, and plain-language advisory.

Schedule a Consultation Explore Services
577/hr
Cyber attacks on SA SMEs every hour
R10M
Maximum POPIA fine — enforcement active 2026
MFA
Identity-first protection to reduce account takeover risk
Zero Trust
Access decisions based on user, device, and risk context
Cyber Services
Cyber Advisory.
AI Governance. Identity Security.

We focus on the controls South African businesses need most right now: cyber risk clarity, AI governance, identity security, and practical remediation that leadership teams can act on quickly.

Cyber Risk Posture Assessment
Understand your true exposure fast — aligned to your business context and threat landscape.
AI Security & Governance
Assess AI-related risks and governance controls as AI adoption accelerates across your organisation.
Vulnerability Management Review
Identify, prioritise, and track vulnerabilities with immediately actionable guidance.
Identity & Access Governance Assessment
Identity hygiene, privilege review, access governance, and full MFA coverage analysis.
MFA Services
Deploy and strengthen multi-factor authentication to reduce phishing, compromised-password, and account takeover risk across critical systems.
OT / ICS Exposure Assessment
Operational technology and industrial control system risk identification and reduction.
Remediation Roadmap & Advisory
Prioritised action plan — immediate wins, short-term fixes, long-term strategic horizons.
Why MFA Matters
Passwords Alone Are
No Longer Enough

Modern attacks target identity first. MFA adds an essential verification layer between stolen credentials and business systems, and stronger phishing-resistant methods materially reduce the chance of unauthorised access.

Why It Matters
The Value of MFA
  • Reduces the risk of account takeover when passwords are stolen or reused
  • Helps defend against phishing, malware, and ransomware-driven access attempts
  • Supports zero trust and stronger access control across cloud and on-prem systems
  • Improves compliance posture and helps satisfy insurer and audit expectations
Business Impact
The Risk of Not Having MFA
  • A single compromised password can expose email, finance, HR, and operational systems
  • Attackers can exploit weak login flows through phishing, SIM swapping, or MFA fatigue tactics
  • Recovery after an identity-led breach is costly, disruptive, and reputationally damaging
  • Organisations without strong authentication are easier targets for repeat compromise
Flagship Solutions
Two Offers.
One Mission.

Whether you need stronger compliance controls, a structured MFA rollout, or an AI governance program, MDHG delivers focused security outcomes without enterprise drag.

★ Monthly Retainer
The Compliance ShieldTM Bundle
From R3,500 / month
  • Monthly cybersecurity health check & written report
  • MFA rollout planning and email security review
  • POPIA compliance file — maintained & updated
  • Employee data audit (annual)
  • Identity hygiene and privileged access review
  • Incident response — you're covered if breached
  • Monthly 30-min advisory call with CEO/owner
  • Quarterly backup restore test & certificate
Get Started
★★ Project + Retainer
The AI Governance Readiness ProgramTM
From R18,000 project
  • AI Tools Audit — map what staff are using & where risk sits
  • AI Acceptable Use Policy — written, branded, signed
  • 2× half-day staff workshops by department
  • Third-party AI vendor and data-handling risk review
  • Approved enterprise AI tool guidance and governance controls
  • Optional monthly AI governance coaching retainer
  • POPIA-aligned AI data governance documentation
Book Scoping Call
What We Solve
The Two Risks
SA Businesses Can't Ignore
POPIA Enforcement Is Real — And Accelerating
The Information Regulator is now actively issuing fines in 2026. Any business holding customer or employee personal data — names, emails, IDs, financial records — is legally required to protect it, disclose breaches, and maintain compliance documentation. Most SA SMEs are not ready.
  • Maximum POPIA fine: R10 million per violation
  • Criminal liability: up to 10 years imprisonment for responsible parties
  • Breach notification required within 72 hours of discovery
  • Cyber insurers increasingly require documented POPIA compliance
  • ISO 27001, NIST, and CIS compliance gap mapping included
What Our Compliance Assessment Covers
A structured review of your data environment, technical controls, and documentation posture — delivered in plain language your legal team, board, and insurer can use immediately.
  • Personal information mapping and data flow analysis
  • Access controls and data minimisation review
  • Incident response procedure assessment
  • Third-party processor agreement review
  • Employee awareness and training gap analysis
  • Remediation roadmap: immediate, 30-day, and 90-day actions
Your Staff Are Using AI. Do You Have Control?
In 2026, the average employee uses 3–5 AI tools without employer oversight — feeding client data into ChatGPT, Copilot, Gemini. Under POPIA, your business is responsible for that data even when an employee shares it accidentally. The risk is real. The fix is practical.
  • 74% of AI use cases deliver value — only 24% achieve strong ROI without governance
  • Finance staff pasting client data into public AI is a POPIA breach
  • HR teams drafting contracts in AI tools exposes employee personal information
  • Banning AI is not the answer — governing it is
  • SA has no AI-specific legislation yet, but POPIA applies fully
The AI Governance Readiness Program — What You Get
A practical AI governance implementation: from tool audit to policy to training and control design — delivered in 2–4 weeks with clear business and compliance outcomes.
  • Full AI tools audit across all departments
  • Written AI Acceptable Use Policy (branded to your business)
  • Role-specific staff workshops — finance, sales, ops, HR
  • Enterprise AI tool selection and governance guidance
  • Data handling, approval, and usage control framework
  • Board-ready AI risk and governance reporting
How It Works
Our 4-Step Approach

No lengthy discovery phases. No enterprise red tape. We move fast, assess thoroughly, and deliver findings you can act on immediately.

01
Engage
Scope & Context
A focused scoping call to define environment boundaries, priorities, and your specific business context. We understand your threat landscape before we assess it.
02
Assess
Rapid Assessment
Assessment across all agreed focus areas using proven frameworks — delivered without delay. No weeks of information gathering. We move at business speed.
03
Analyse
Cross-Domain Findings
We correlate findings across all domains to surface real exposure and critical gaps that matter most to your business — not just a checklist of technical issues.
04
Deliver
Clear Roadmap
A findings report and prioritised remediation plan in plain language — no jargon, no fluff. Immediate wins, short-term fixes, and long-term strategic horizons.
Why MDHG
Built for Results
Fast Clarity
Rapid, thorough assessment. No lengthy discovery phases or enterprise red tape. You get answers fast.
Cyber Insurance Ready
Satisfy insurer requirements and reduce premiums with a documented risk posture that meets underwriting standards.
Identity-Centric Defence
Strengthen the control plane attackers target most: accounts, access, MFA coverage, and risky sign-in exposure.
Expert Guidance
Governance, architecture, and deep technical expertise combined in one rapid engagement. No switching between vendors.
Prevention & Mitigation
Proactive strategies plus thorough containment and recovery roadmaps — before and after an incident.
SA-Native Context
Cape Town-based. POPIA-specialist. We understand the local threat landscape, cost constraints, and compliance environment that generic global firms miss.
What You Receive
Executive Summary with risk overview and business context
Technical findings report with severity ratings
Prioritised remediation roadmap — immediate, short & long-term
Risk scoring and exposure heatmap
Compliance gap indicators — ISO 27001, NIST, CIS
Actionable next steps your team can implement immediately
POPIA compliance documentation package
Cyber insurance-ready risk posture report
Pricing
Transparent.
No Surprises.

Month-to-month. No lock-in. Priced for SA SMEs — not enterprise budgets. Start with the tier that fits, scale up when you're ready.

Entry · Starter
Compliance Essentials
R3,500
per month · no lock-in
  • POPIA compliance file setup & maintenance
  • MFA deployment planning or Cisco Duo pilot (up to 10 users)
  • Monthly cybersecurity health report
  • Email security configuration review
  • Advisory support for remediation actions
  • Best for: 1–5 staff

Get Started →
Recommended
Compliance ShieldTM
R7,500
per month · no lock-in
  • Everything in Essentials
  • MFA rollout and access policy support (up to 25 users)
  • Quarterly identity and privileged access review
  • Quarterly backup restore test & certificate
  • Monthly 30-min advisory call
  • Incident response included
  • Cyber insurance-ready documentation
  • Best for: 5–25 staff

Get Started →
Premium
Shield + AI GovernanceTM
R14,500
per month · no lock-in
  • Everything in Compliance Shield
  • AI Acceptable Use Policy maintained
  • Monthly AI governance coaching session
  • Quarterly AI risk and vendor review
  • Board-ready AI governance reporting
  • Priority response — 4-hour SLA
  • ISO 27001 alignment roadmap
  • Best for: 25–75 staff

Get Started →
Not sure which tier? Start with a free cyber risk review.
60-minute scoping session. Clear next-step guidance. No obligation. We will tell you where risk is concentrated and which engagement fits.
Book Free Review →
Get Started Today
Ready to Improve Your
Security Posture?

Book a free scoping call to discuss cyber risk, AI governance, or MFA rollout priorities. Fast advice, practical next steps, and no unnecessary complexity.

60-Minute Assessment
Written Report Delivered
No Sales Pressure
Cape Town Based
Schedule a Consultation +27 87 012 5397
Visibility
Know Your Exposure
Prioritisation
Fix What Matters Most
Execution
Act With Confidence