Sponsored
Picture: 123RF/IPOPBA
Picture: 123RF/IPOPBA

There has been a rise in cyberattacks globally and SA has not been spared. There have been some notable examples, showcasing how unpredictable the world has become, heard a recent FutureProof event on cybersecurity, hosted by Dimension Data in association with Business Day.

Governance expert Prof Mervyn King, senior counsel and a former judge of the Supreme Court, said local organisations could be divided into two types: those that had been hacked and those that had not.

The greatest risks facing businesses in the 21st century, he  said, are climate change and cybersecurity. If a business’s systems are not secure, then the business itself is not secure.

IT governance and cybersecurity need to be on the agenda of every board meeting, and every company needs a system to back up data and a disaster recovery plan should a data breach occur, he said.

The recent NTT Dimension Data 2021 Global Threat intelligence report shows that the finance, manufacturing and healthcare industries are the most vulnerable, with 62% of all cyberattacks happening in these sectors.

The report is produced annually by NTT, the global technology services provider, and identi­fies actual and emerging cyber-threats that organisations are facing globally. It provides operational, tactical and strategic recommendations for managing risk.

An expert panel comprising Warren Small, global head of security sales and innovation at NTT; Itumeleng Makgati, group executive for information security at Standard Bank; Celia Mantshiyane, chief information security officer at Coca-Cola Beverages Africa; and Seshni Moodley, principal head finance: intelligent security at Dimension Data MEA, discussed how organisations can stay ahead of the curve and become cyber-resilient.

Small said cyberattacks prevented organisations from being productive. The objective of a cybersecurity strategy, he said, is to lower risk and to ensure that effective controls are in place to minimise these risks and maintain the integrity of the business. Essentially, this requires measuring an organisation’s digital identity and footprint and then mapping that back to its risk. He warned against following a tick-box approach to cybersecurity.

Have a strategy in place

Cybersecurity strategies have been put to the test in the past 18 months, said Makgati. Given that cloud computing is core to digital transformation, organisations need to have a cybersecurity strategy in place to ensure that cloud computing is done securely. A good starting point, she said, is to have a comprehensive understanding of the business’s risk profile and where its data is exposed before deciding what tools and technologies should be employed to mitigate those risks.

Fearing reputational loss, many businesses don’t report a cyberattack and instead simply pay the ransom, she said. In the past 18 months, Standard Bank has seen a significant migration towards digital transactions. However, with this comes a responsibility to ensure that customers’ data is protected.

Mantshiyane said cybersecurity should not be regarded as a cost to an organisation but rather a value add — one that helps an organisation reach its objectives. In fact, cybersecurity feeds into the bottom line.

Cybersecurity can be expensive, but she urged organisations to use their people as their first line of defence and to learn from their peers.

The impact of a modern cybersecurity breach can be significant and includes financial loss as well as reputational and brand damage, eroding customer trust. According to Moodley, three out of five customers are more likely to cancel services with a company that has suffered a cyber-breach.

The implementation of recent privacy laws — including the EU's General Data Protection Regulation and, locally, the Protection of Personal Information Act — means organisations are now required by law to protect their customers' and stakeholders' personal data, she said.

There is a global shortage of cybersecurity specialists. Where organisations don’t have the necessary skills or budget to afford the technology, Moodley recommended working with key service providers to understand the threats.

Watch the full discussion below:

Also watch the previous episodes in the series:

This article was paid for by Dimension Data.

subscribe

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.