Organisations need a smart approach to address ongoing security concerns
With South Africa now being the third-most targeted country worldwide in terms of cyber attacks, it is becoming critical that local companies be more guarded, take better precautions against threats, educate their staff, and even look to service providers that have security measures in place to safeguard them from malicious actors.
Security has of course always been a consideration, so what has changed? Previously, most employees worked from the office, and organisations were able to more closely monitor their hardware and software, and take proactive measures against any perceived threats. Now, with the shift to hybrid or remote working, employees are accessing the company network or data from home or remote locations, and it is highly unlikely that these locations are as secure as the office.
This leaves employees more vulnerable, and they become the new targets through which attackers look to breach corporate networks or databases. This can occur through malware or ransomware that gets installed on people’s devices, or through phishing attacks or email spoofing.
Apart from hackers who are looking to steal personal data, banking information or usernames and passwords – with most people tending to use the same password across accounts, this is a goldmine – we have also seen the emergence of those who use scripts to identify vulnerabilities and leave a mark. This can be seen in the instances where websites are simply defaced in an act of digital vandalism.
Environment of Zero Trust
Beyond just looking at hardware or software solutions to step up security, there needs to be a concerted effort toward employee education, and the implementation of Zero Trust policies as more employees work from networks that might not be fully secure. This includes carefully scrutinising any remote request to your backend systems or data, as well as the mandatory use of two-factor authentication wherever possible.
This increased focus on security is also coming about as more organisations closely review their security as they move their operations to the cloud, in order to benefit from the various advantages that it brings, including scalability, flexibility and enabling seamless remote working, as well as being able to free themselves from worrying about major IT refreshes, networking gear, bandwidth provision, and more.
Then there is the implementation of privacy regulation, such as GDPR for companies that are either based in Europe, or do business with clients based in the EU, as well as PoPI locally, which can result in stiff fines for organisations that fail to properly take care of personal data.
A new arms race?
A challenge going forward is that as some organisations take more precautions to make their networks and data more resilient against attacks, those companies that do not take similar measures are now turned into softer targets for cyber criminals. And, this can already be observed: with large enterprises having the resources to better protect themselves, SMEs are not becoming the primary target.
As such, organisations will have to be smart about how they better protect themselves, as not every one of them has the financial muscle to implement every hardware and software solution to protect themselves. In some cases, they will have to depend on the reliability of their service provider to ward off certain types of attacks.
To ensure their service providers are well equipped, organisations need to ask the right questions, including whether customer data is encrypted so it is protected even if there is a breach, whether they have the necessary firewall or other security solutions that allow them to monitor their networks and data holistically rather than on a device basis, and if they have the resources in place to identify and mitigate an attack should one be detected.
It could also be if they have the necessary hardware or software in place to protect their customers against a Distributed Denial of Service (DDoS) attack, or if they can ensure continuity of service even after an attack. Organisations can also look to favour service providers that have international certifications such as ISO 9000 or ISO 27001. These are what are increasingly going to be the differentiators when selecting a service provider in future.
Spending on security, be it hardware, software, skilled people, or properly equipped service providers will become a key feature of organisations going forward. You could of course practice air-gapping – unplugging each and every device so that it is no longer connected to your network, but this is no longer a valid solution in a digital world.
By Antony Russell, CTO at Telviva