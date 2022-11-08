Technology continues to evolve at a rapid pace and cybercrime tools and techniques are evolving just as fast. This means staying ahead of cybersecurity risks is a challenge for businesses.

As workplaces become progressively more digital, online security is one of the most important aspects to consider and should be an integral part of any organisation’s DNA.

A recent Business Day Focus 4.0 Digital Dialogue, in partnership with Logicalis SA, Werksmans Attorneys and BCX, analysed the next big threat to cybersecurity, how to prevent attacks, practices for good cyberhygiene and tactics for responding to security breaches.

Ahmore Burger-Smidt, head of regulatory practice at Werksmans Attorneys, said criminals know where data is stored and how to access it. When huge breaches occur, they affect the markets and damage customer trust. Every employee must be made aware of cybersecurity and how to protect data.

Cybercriminals misuse computer systems for cyberespionage, cyberterrorism, money laundering or malicious communication. It is often difficult to prosecute them, as attacks happen in milliseconds — an estimated 544 attacks per minute. However, criminals operate internationally and prosecution will improve with global co-operation and resources.

Burger-Smidt said the weakest security link in a company is the staff and suggested they should be empowered to be the firewall. She said e-learning is the best way to achieve this. Given that staff are responsible for 28% of security breaches, the training of every staff member is vital.

Rwanda has started motivating for unqualified staff to complete a diploma in cyberskills. Burger-Smidt said this could also be implemented in SA. With data being the “new gold”, companies have a legal duty to train staff in better security practices. Ideally, cybersecurity should be taught to anyone who starts using a device, even children.

Morné Laubscher, CTO of Logicalis SA, agreed, saying educating the general population was essential, even though security is woven into IT programs. Post-pandemic employees are susceptible to these threats, as many are working remotely and using video conferencing with access to confidential information. He was positive about the use of VPNs, but said better technology to drive security is becoming available.

A recent survey of the customer base at Logicalis found that companies’ first key performance indicator (KPI) was to pivot their company; the second was to protect their data. Criminals infiltrate a company’s system days before they attack. Employing chief information security officers (CISOs) who understand and can adapt to the rapid evolution of security issues and implement backup solutions to counter ransomware has become critical.

Small, medium and micro enterprises (SMMEs), often with smaller budgets for cybersecurity, are the top targets of cybercriminals. To protect themselves, these enterprises can be part of the security systems in which hyperscalers have invested and bring in experts to test their organisations regularly for resilience, educate their staff on cyberhygiene and use a QR system rather than passwords.

Ransomware is a real threat to many companies. In the event of an attack, Laubscher advised: “Hit pause. Call in forensic auditors and investigators, and find out the affect to your organisation. Then plan to fix it.”

