A recent report by professional services company, Accenture warns that South Africa is facing an alarming onslaught by cyber criminals with 2019 alone showing a massive cross-industry spike with R2.2 billion lost due to these attacks.
In 2020, the globe has gone through a fast-tracked technology evolution, with companies scrambling to upgrade their IT backbones to support the needs of a workforce working from home (WFH) or remotely.
Combined with the proliferation of the Fourth Industry Revolution (4IR) and resultant digitalisation, organisations are now faced with melting pot of security vulnerabilities that can be exploited at any time.
Unfortunately, security investment is and remains a grudge purchase particularly as the country faces an economic downturn due to the COVID-19 pandemic. Also, with a volatile exchange rate, robust security solutions can become quite expensive, again hindering companies to make the investment.
However, the reality is companies must up their security spend – making a quick (few thousand Rands) investment and deploying it in-house isn’t good enough. Organisations need take a long hard look at their infrastructure and how cyber security vulnerability can expose their business.
The bad guys are lazy and will launch attacks on the easiest and most vulnerable targets. Therefore, if your security infrastructure is not fortified, chances are you will in the foreseeable future become a prospective target.
Organisations and their employees must also become more security aware. An important first step would be to develop resilient and practical organisational processes that serve as an important layer of their overall security posture.
Risk assessment is another important step; what part of my organisation is the most vulnerable and how can I mitigate it? Once businesses have identified these vulnerabilities, they can start looking at the cyber security technologies that can assist them in strengthening their infrastructure. Implementing a security awareness programme and training is also a valuable exercise. Here, a cyber security expert can provide important guidance on the weakest point in the organisation and how departments such as HR and Finance can ensure they don’t expose the company to any potential attacks.
WFH also places the emphasis on the joint responsibility of the organisation and its employees to safeguard valuable data. For one, businesses must ensure that access to the online information includes the requisite encryption and other security measures.
Employees must remain extra vigilant, understanding that working from home doesn’t absolve them from their responsibility to employ sound security practices. Here, a WFH policy that clearly stipulates roles and responsibilities of all parties is an important measure.
Ultimately, understanding where your organisational vulnerabilities lie and securing it accordingly will ensure that you don’t become the next statistic on a list that continues to grow longer as the year progresses.
By Simeon Tassev, MD of Galix