Geographical location no longer makes a difference in terms of cyber crime, according to Junaid Amra, associate director for cyber security and incident response at PwC.
Speaking at ITWeb Security Summit 2016, at Vodacom World in Midrand yesterday, Amra examined some of the key themes that come up when looking at the global state of cyber crime.
"If you are sitting in Africa, it doesn't mean you are immune to certain types of cyber crime all the time," he told the audience.
Amra explained that cyber security is now a business issue: "There is no need to battle to get the business sector to accept responsibility for coming up with a contingency plan."
He added cyber crime is no longer specific to a particular industry. "Previously, it was specific to industries like the financial sector but now there is a lot more information that can be monetised. For example, customer information can be monetised, especially in the black market."
According to the PwC Global State of Info Security Survey 2016 and the Global Economic Crime Survey 2016, cyber crime continues to escalate in a hyper-connected business ecosystem, jumping to the fourth most reported economic crime.
The survey shows that in terms of the South African market, 32% of respondents said they were victims of cyber crime in the last year, while 57% said they expect to be victims in the next two years.
What's concerning is that only 35% of respondents have a cyber incident response plan, Amra noted. "Most companies are still not adequately prepared for or even understand the risks faced, and the make-up of this team varies wildly."
Only 28% of the South African respondents said they have a digital forensic investigator, according to Amra.
Although global statistics show the majority of respondents (65%) say they collaborate with industry partners to improve information security, the same can't be said about South African organisations.
The reason for this is that SA doesn't really have regulation that allows for information sharing for security purposes, explained Amra. All those markets where there is prevalence of sharing information, the regulation is much stricter, he said.
However, "we will see this change once the Protection of Personal Information Act regulator is appointed and the Cyber Security Bill gains some traction".
Share