According to Indi Siriniwasa, VP at Trend Micro Sub Saharan Africa, the recent state of Distributed Denial of Service (DDos) attacks on several South African financial institutions has once again highlighted the importance of having an integrated cybersecurity approach reflective of the requirements of the always-on world. Below is what Siriniwasa had to say.
Sadly, far too many local organisations still believe they will never be targeted simply by virtue of the fact that they are based in ‘deepest, darkest Africa’. Yet this could not be further from the truth.
This thinking is certainly not limited to South African companies but extends throughout the continent. Whether this could be attributed to believing that African companies are not ‘worth’ being attacked when much more attractive targets are based in Europe and the United States is up for debate. However, the reality is that decision-makers must reassess how they protect themselves at a time where data forms the lifeblood of any business.
Compromised data is akin to giving away the keys to the safe. Despite this, it is still frightening to think how few enterprises approach their defences with more than firewalls and anti-virus solutions.
Even though the banking, financial services and insurance (BFSI) segment is still the hardest hit, attacks are increasing against public entities as is evident by the ongoing ransomware attacks targeting the City of Johannesburg. Most of these attacks have a monetary motivation to getting data. For companies to more effectively safeguard this data, they must understand that even if they have all the security tools available, a breach can still occur.
Recognising this must go together with an honest audit of how cybersecurity is managed inside the organisation. Is it something that is still taking place in silos matching the different needs of every business unit?
Or perhaps employees are not continually trained on the latest social engineering tactics that can result in ‘easy’ compromises from occurring.
Companies must also look at common security controls and ensure these are updated to the latest definitions to have a baseline to work against. Moreover, it must establish a people process and technology methodology that can increase the security effectiveness as the one cannot work without the other.
Of course, once the inevitable happens and a breach occurs, how the IT security team responds will be critical. This requires that the right people and response strategy must be in place if the company is to mitigate against the potential damage of the breach.
Using solutions capable of correlating data across network, cloud, email, and endpoints for a more pro-active cybersecurity environment is therefore essential. Ultimately, it is about responding faster to attacks, delivering more effective counter-measures, and keeping data as secure as possible while not impacting on operations that will be the difference between success and failure.