INDUSTRY WATCH
“Of course, once the inevitable happens
and a breach occurs, how the IT
security team responds will be critical.
This requires that the right people and
response strategy must be in place if
the company is to mitigate against the
potential damage of the breach.
Matt Walmsley, Head of EMEA Marketing
at Vectra
Craig Freer, Executive Head: Cloud and
Managed Services at Vox Telecom
Craig Freer, Executive Head: Cloud and
Managed Services at Vox Telecom, says
that security ‘is no longer a luxury’ and is
something that must take top priority at
every organisation.
“Cybersecurity must be addressed at a board
level and not left being ‘relegated’ to an
IT decision-maker,” he said. “Companies
need to conduct an extensive audit of their
entire IT environment, invest in getting the
right cybersecurity infrastructure in place
and ensure their systems are updated to
factor in emerging threats. They also need to
continually assess their ability to effectively
deal with attacks. In our experience, most
companies are not geared to repel any type
of attack, much less recover effectively from
one. It has become a case of businesses
being sitting ducks. Very few SMEs really
understand their vulnerabilities and it can be
quite complex for them to secure themselves
as best as possible. It really is a case of they
do not know what they do not know.
“Cybersecurity at an organisation is not a
snapshot in time but evolves as the threat
landscape changes. Businesses must do
more to educate themselves about the
threats they face and take the necessary
steps to protect themselves.”
Indi Siriniwasa, VP at Trend Micro Sub
Saharan Africa, said that far too many local
organisations still believe they will never be
targeted simply by virtue of the fact that
they are based in ‘deepest, darkest Africa’.
“This thinking is certainly not limited to
South African companies but extends
throughout the continent,” he said. “Whether
this could be attributed to believing that
African companies are not ‘worth’ being
attacked when much more attractive targets
are based in Europe and the United States
66
INTELLIGENTCIO
Indi Siriniwasa, VP at Trend Micro Sub
Saharan Africa
is up for debate. However, the reality is
that decision-makers must reassess how
they protect themselves at a time where
data forms the lifeblood of any business.
Compromised data is akin to giving away
the keys to the safe.
“Despite this, it is still frightening to think how
few enterprises approach their defences with
more than firewalls and anti-virus solutions.”
Even though the banking, financial services
and insurance (BFSI) segment is still the
hardest hit, attacks are increasing against
public entities.
“Most of these attacks have a monetary
motivation to getting data. For companies
to more effectively safeguard this data,
they must understand that even if they
have all the security tools available, a
breach can still occur.
“Companies must also look at common
security controls and ensure these are
updated to the latest definitions to have a
baseline to work against. Moreover, it must
establish a people process and technology
methodology that can increase the security
effectiveness as the one cannot work
without the other.
“Using solutions capable of correlating
data across network, cloud, email, and
endpoints for a more pro-active
cybersecurity environment is therefore
essential. Ultimately, it is about
responding faster to attacks, delivering
more effective counter measures, and
keeping data as secure as possible
while not impacting on operations that
will be the difference between success
and failure.”
Anton Ivanov, Security Researcher
at Kaspersky, says that the threat of
ransomware remains as powerful as
ever and the company’s detection data
shows that larger organisations, such as
city authorities and enterprises, are the
fastest-growing target.
“According to our data, attacks on
employees of large organisations have
gone up 17.9% in the last 12 months
(from 198,334 in the period June 2017
to end May 2018, to 233,763 for June
2018 to end May 2019), compared to
an increase of just 3% in attacks on
individual consumers,” said Ivanov.
“Attacks on urban infrastructure are
often worryingly successful, with far
reaching impact on essential systems and
processes, affecting not just the authority
itself but local businesses and citizens.
What makes cities a target? It could be
the fact that they run vast networks of
connected technology that can be hard
to update, manage and patch effectively,
or because the attackers believe they
may be more inclined to pay the ransom
to avoid recovery costs that can be many
times higher than the ransom fee.
“To protect city infrastructure against
the threat of ransomware, Kaspersky
recommends securing all data, devices and
networks with robust security software.
“But with many non-technical employees,
located across many different sites,
employee training and awareness is
probably the greatest priority. n
www.intelligentcio.com