Cyber risk in South Africa
Many South African businesses are not prepared for the unpredictable and dynamic risk that cyber-crime poses. Out-of-date data and system protection policies keep businesses at a disadvantage, in a risk category that is already difficult to forecast or mitigate.
As awareness of this growing threat increases, it is imperative to stay informed about the latest breaches and the recommended mitigation strategies.
It affects everyone
Sizable corporate companies are not the only businesses at risk. Small and medium businesses as well as individuals are also at risk, across a wide range of industries.
Worldwide, cyber incidents have been in the news since the end of 2016, both during the US presidential election and because of the high-profile cyber breach at Yahoo. These kinds of attacks are on the rise and are often initiated by crime syndicates or governments themselves.
The Allianz Risk Barometer for 2017 ranks cyber risk in third position, although it was ranked only 15th in 2013.
Another recent study reports that 66% of South African businesses expect their organisation to experience cyber-crime this year. Ransomware, insider threats and e-mail impersonation are seen as some of the most critical cyber threats.
Cyber security risks
Experts advise South African businesses to address these ten common cyber security pitfalls:
- Failure to identify cyber risks and implement basic cyber security controls
- Failure by executives to identify and understand what generates corporate cyber security risks
- Lack of a comprehensive Cyber Security Policy
- Confusing cyber security compliance requirements
- Failure to recognise the importance of social engineering and the risks associated with the human factor
- Failure to recognise risks associated with the ‘bring your own device’ policy (BYOD) and the cloud
- Lack of adequate funding, talent and training, and the implementation of inappropriate resources
- Insufficient Information Security training
- Lack of a business continuity and data recovery plan
- Failure to identify, accept and understand the rate at which cyber risks are evolving (polymorphic risk)
CMS – A prime target
Content Management Systems (CMS) are popular website software systems, especially for small to medium-sized businesses, as they're user-friendly and affordable. Unfortunately, these systems are extremely vulnerable to hacking as they are built on open source frameworks, which makes it easy for hackers to detect weaknesses. To make matters worse, third-party plugins and themes, which are popular with CMS websites such as WordPress, make these websites even more vulnerable.
Some guidelines that will help to secure your CMS-based website include: using complex usernames and passwords that combine numbers and special characters with upper- and lowercase letters, backing up your database regularly, using plugins for advanced authentication and updating all your plugins and themes on a regular basis.
Cyber risk mitigation
While the always-on nature of business has its benefits, the global digitalisation of business, increasing interconnectivity and the Internet of Things (IoT) are putting our devices at risk and can lead to data breaches and a need for increased security.
Anti-virus and intrusion prevention systems are no longer enough. Firewalls are still relied on too heavily and are not able to keep up with changing cyber security policies. Businesses need to seriously consider their potential risk exposure to ensure they are prepared for any potential incident.
While there is no such thing as 100% security, businesses need to implement a total cyber resilience strategy that includes security, continuity and data recovery. Continuous monitoring and early-warning systems should be implemented to best prepare for this kind of risk.
Ongoing training for employees will ensure they are able to recognise fake emails and suspicious links. Role-based permissions that give employees only the minimum necessary data access will limit risks without limiting their ability to perform their daily duties.
A number of safeguards can be put in place to limit the impact of a cyber-attack, such as investing in trained people and dynamic technology, developing business continuity plans, and understanding how attacks happen and devising a defence strategy accordingly.