Elections 2024

Elections 2024 Guide

Advertise your job ad

When it comes to cyber security: focus on people, lose the siloes

8 Jul 2019

Ask any South African company what their major headaches are right now, and chances are that security will be near the top of the list. Not just the burglar bars and CCTV type of security, either: as cybercrime becomes more sophisticated by the day, businesses are struggling to secure their data and company infrastructures.

Daniel Lotter, Head of Innovation at Itec South Africa

Email and data security company Mimecast recently released its 2019 State of Email Security Report – and the statistics are frankly frightening. Cybercrime is on the rise, and cybercriminals are constantly evolving their techniques to steal information and disrupt businesses.

Perhaps the most concerning statistic is that people are still the weakest link in any corporate IT security system. Even in 2019, people are being tricked into clicking on fake links and email attachments, with dire consequences for their companies.

Mimecast’s report found that impersonation attacks increased almost 70% compared to the previous year – and three-quarters of the affected companies experienced a direct loss, whether loss of customers (28%), financial loss (29%) or data loss (40%).

Seems the old tricks still work the best for criminals. Ransomware, phishing and social engineering are all on the rise, with phishing attacks the most prominent type of cyberattack. Ninety-four percent of Mimecast’s respondents experienced phishing and spear phishing attacks in the previous 12 months, and 55% saw an increase in phishing attacks over the same period.

To make things worse, nation-state politics have entered the picture and are complicating things even further. A year ago, few people would have thought that going with a specific platform would potentially compromise their security. Today, you don’t even know if you can trust your hardware vendor anymore.

Focus on people

So how do businesses deal with an increasingly diverse threat landscape?

Step one is to focus on your people. Until every person in a company understands how and why they have to protect the corporate IT assets, systems and data, businesses will remain vulnerable to attack. You need to create a culture of security with a multi-layered, holistic defence system that covers people, policies and procedures.

Step two is to lose the siloes. Many businesses that we see still adopt a patchwork approach, with different applications from different suppliers tacked together loosely to try and combat different threats: a firewall from one supplier, an anti-virus from another. This isn’t just bad security. It’s bad business.

And step three is to hire an expert to help you keep IT security costs down through a holistic, intelligent approach to security. This frees you up to focus on your core business while reducing business disruptions and even taking advantage of new opportunities.