Technology continues to evolve at a rapid pace. Cyber-criminals’ tools and techniques are evolving just as quickly which means that keeping on top of cybersecurity risks is a constant challenge for businesses.
As workplaces become increasingly digital, online security is one of the most important things to consider in today’s business world and should be an essential part of any organisation’s DNA.
A recent Business Day Focus 4.0 Digital Dialogue, in partnership with Logicalis SA, Werksmans Attorneys and BCX, explored the next big threat to cyber security, how to prevent attacks, practices for good cyber hygiene, and tactics for responding to breaches of security.
Ahmore Burger-Smidt, head of regulatory practice at Werksmans Attorneys pointed out that criminals know exactly where we store data – and they’re in the same place. When massive breaches occur, they not only impact the markets but also damage customer trust. Every employee must therefore be made aware of cybersecurity and how to protect data.
Defining cyber criminals as those who misuse computer systems for cyber-espionage, cyber- terrorism, money-laundering or malicious communication, she said it’s often difficult to prosecute these criminals with attacks happening in milliseconds – an estimated 544 attacks per minute. Criminals operate internationally, however, and prosecution will improve with global co-operation and resources.
The weakest security link in a company is staff, added Burger-Smidt, but they should be empowered to be the firewall. E-learning is the best way to achieve this. Given that staff are responsible for 28% of security breaches, the training of every staff member is vital.
Revealing that Rwanda has started motivating for unqualified staff to complete a diploma in cyber-skills, she said this could also be implemented in SA. With data being the ‘new gold’, companies have a legal duty to train staff in better security practices. Ideally cyber-security should be taught to anyone who starts using a device, even to children.
Morne Laubscher, CTO of Logicalis SA agreed, saying educating the general population was essential, even though security was woven into IT programmes. Post pandemic, employees are particularly susceptible as many are working remotely and using video conferencing with access to confidential information. He was positive about the use of VPN’s but revealed that better technology to drive security is becoming available.
A recent survey of the customer base at Logicalis found that companies’ first key performance indicator was to pivot their company; the second was to protect their data. Criminals infiltrate a company’s system days before they attack, so having chief information security officers in place who understand and can adapt to the rapid evolution of security issues and implement backup solutions to counter ransomware has become increasingly critical.
SMMEs, often with smaller budgets for cyber security, are the top targets of cyber criminals. However, there are solutions to assist SMMEs. Not only can they be part of the security systems that hyperscalers have invested in but they can bring in experts to test their organisations regularly for resilience, educate their staff in cyber hygiene, and use a QR system rather than passwords.
Ransomware is a very real threat to many companies. In the event of an attack, Laubscher advised, “Hit pause. Call in forensic auditors and investigators and find out the impact to your organisation. Then plan to fix it.”