As cyber criminals are continuously changing tactics, increasing in their persistence and growing their abilities, the nature of the cyber threats has evolved.
This is according to Ken Allan, global cyber security leader at EY, who notes attackers are becoming better funded and more patient.
The commercial and the industrial part of that side of the equation is also becoming more sophisticated and connected, adds Allan.
Therefore, he notes, to get ahead of cyber crime, companies need to start adopting a proactive approach to information security.
"What they need to do is get more active - go out there look for threat intelligence, think of who might want to attack the organisations -assess the threat landscape to understand the most likely threats and method they may use."
This can then help the organisation to be in a better place to make choices on how to detect, defend and contain the malware and other threats, he continues.
Although organisations are making progress in trying to mitigate cyber threats, there is a need for considerable improvement, says Allan.
He points out organisations need to make it harder for cyber attackers to get into their networks. Allan advises organisation to not look at protecting themselves the same way as other firms - but to find a bespoke solution.
According to a recent EY global information security survey, cyber incidents will not be a one-off, no matter how complex or simple, targeted or random they may be, or appear to be.
The early subtle signs and the cumulative impact of repeated attacks must be understood and factored into planning and risk-appetite, it adds.
Justin Williams, executive director, advisory sales at EY Africa, says the survey found SA has a higher threat profile than most counties across the globally and a well as lack of skills to defend the enterprise from the threats.
The study involved 1 755 respondents from organisations in 67 countries including SA.
Some 57% of respondents globally and 76% in SA found lack of skilled resources to be challenging information security's contribution to the companies.
Williams believes SA needs to start looking for ways to fast track skills development to close that gap.
The threat landscape is increasing exponentially, and if we do not something different to close that gap we are going to increasingly have more of a problem as time goes on," he adds.
"With SA's culture of entrepreneurship being driven by the Silicon Cape initiative - the start-ups should try to avoid a position where they are developing innovative solutions that no one will trust due to lack of security."
SA should take notice of what is happening globally but invent solutions that work in the South African landscape, he concludes.
Share