The concept of a zero trust approach to cyber security has obliterated the notion that there is a secure perimeter in any business that is defended with conventional solutions like firewalls, etc.
Although the “castle and moat approach” remains essential in security maturity goals, we now work from the assumption that malicious actors are already inside the castle.
The dwell time for threats in a corporate network is estimated to be as high as 800 days. This means the threat enters the system and remains dormant for months or years before acting.
Traditional security systems do not have the intelligence required to root out these lurkers before they strike. Malicious insider threats − such as disgruntled employees, corporate espionage, or foreign government agents − are examples of what must be guarded against.
Globally, businesses have seen a massive spike in ransom demands and South Africa is not immune to this trend. As reported on by ITWeb, Interpol’s African Cyber Threat Assessment Report 2022 reveals a total of 230 million cyber threats were detected in SA, of which 219 million, or 95%, were e-mail-based attacks.
The best way to withstand evolving threats and develop cyber resilience is through a layered security approach.
SA is already suffering from an alarming 100% increase in mobile banking application fraud and is experiencing on average 577 malware attacks every hour. The main factors making SA a major target include lack of investment in cyber security and low cyber awareness, made worse by antiquated laws with little or no enforcement training.
The impact on business is immense. When an endpoint is attacked, users and IT departments experience a 37% drop in productivity, according to the Ponemon Institute. On average, ransomware is reported to cause over 16 days of operational downtime.
No organisation can afford to suffer extensive operational downtime and potential impact of the loss of customer confidence, with 51% of businesses citing this as the outcome of operational downtime. The consequences extend far beyond this when it comes to regulatory compliance and the hefty penalties on transgression.
Seeking solutions
New technologies bring great advances in tandem with creation of new and more advanced cyber threats and risk. For example, cyber criminals can use 5G as a means of extracting data much faster, leaving companies with little reaction time.
Moreover, it is predicted that within the next five to 10 years, quantum computing will make it possible to pick every cyber security lock imaginable, with two-factor authentication projected to be redundant in that time frame.
The great cloud migration will continue with companies increasingly moving to the cloud, and in doing so, become increasingly dependent on third-parties, giving these providers data, credentials and access.
Not all third-parties and providers are created equal, with poor internal cyber security practices, policies and solutions leaving organisations exposed.
Human behaviour continues to be a top security challenge that exposes companies to phishing campaigns, social engineering and other malicious attacks. In fact, 53% of breaches are reported to be caused by simple human error from the enterprise’s own employees. This obviously applies to businesses, OEMs and service providers alike.
Tomorrow’s threats cannot be thwarted with yesterday’s strategies, so organisations must consider multi-layered security strategies and new digital capabilities in the cloud. It is time to give cyber security a reboot and begin building cyber resilience.
The best way to withstand evolving threats and develop cyber resilience is through a layered approach, using proven security technology that covers multiple threat vectors and is constantly innovated.
Solutions must provide network security, data protection and recovery, as well as advanced developments in machine learning and other technologies, to protect critical information. A multi-layered approach is simply the best strategy for keeping the bad actors out and avoiding operational downtime.
There is no question that edge protection strategies will differentiate cyber-secure companies into the future. Protect and secure the edge, including humans, information and machines, regardless of the perimeter − everything must be secured.
The number of endpoints is exploding, and the bad actors are most likely already entrenched. Organisations need to leverage advanced technologies, especially automation and artificial intelligence, to sift through the vast volumes of information required to predict and detect threats. Companies must protect against known and unknown threats with speed and accuracy.
Share