How cyber security is changing in the age of the internet of things
More connected devices means greater risk, and requires a change in how we think about securing our networks, writes Saurabh Kumar
Cyber security is a significant concern for South Africans. Since the advent of devices that connect to the internet, there has been the risk that people with malicious intent can exploit holes in security systems, to steal data or carry out a destructive act like unleashing a virus or ransomware.
What has changed is the sheer number of devices that we have for business, personal and industrial use, all capable of connecting to the internet.
In the age of the internet of things, even more devices are vulnerable to being hacked. The world is becoming increasingly networked and connected, including everything from personal banking to government infrastructure. More connectivity means greater risk, and demands a change in the way we think about cyber security.
Hackers can exploit connected devices to conduct data breaches or espionage, or to damage critical infrastructure.
Vulnerabilities must be identified and external-facing devices must be secured. It must also be established what data needs protection (for instance, employees’ personal information or customer data) and how to do so.
This is vital for businesses. Trust is currency in today’s digital world and unless your customers can trust that their digital interactions with your business are secure, they will not conduct business with you.
It is helpful to be aware of some common errors or misconceptions in the industry in order to avoid them.
A security solution provider must be able to draw a distinction between internal and external threats and provide protection against both. While many threats originate from outside, the prevalence of internal threats is far higher.
Identifying and testing vulnerabilities is not an isolated, one-off task, but something that must be undertaken continuously if prevention and protection measures are to remain current and effective.
Lastly, a cyber security policy is not enough to protect an organisation against cyber threats; the controls it stipulates must be implemented across the board.
• Kumar is MD at In2IT Technologies SA.