A paradigm shift is needed for organisation to deal with cyber threats, as the use of traditional security measures has led to organisations increasingly losing the battle.
So said Michiel Jonker, director: IT advisory at Grant Thornton, speaking at the ITWeb security summit 2016 in Midrand yesterday.
Jonker believes organisations today are operating in a volatile, uncertain, complex and ambiguous world. Companies are dealing with systemic risks, and to win the cyber security battle, IT security professionals need to expand their thinking, he said.
The present-day model of applying 'best practises' to address cyber security is no longer enough, Jonker pointed out. A new approach designed to deal with threats for IT security professionals is needed.
Organisations need to stop dealing with cyber space as if it is a simple or uncomplicated system when in reality it is a complex system, noted Jonker.
"Without changing how companies look at cyber security, it is impossible to effectively address the problem."
Oupa Mbokodo, director internal IT and IT advisory at Grant Thornton, told the event that a global survey by Grant Thornton revealed one in six businesses have experienced a cyber attack in the past year - costing businesses $15 billion globally.
Moreover, 10% of South African private sector businesses have experienced a cyber attack in the past year (15% globally).
The results found that nearly half of SA businesses have no detailed cyber security strategy in place to address any potential cyber attacks (45%), while just over half (52%) of businesses globally did have a strategy in place, said Mbokodo.
Jonker noted in 2014, 32 records per second were stolen - and businesses were not equipped to prevent this.
With companies like Google and Facebook driving the increasing of the global population accessing the Internet (from 3 billion to 7 billion) - the exponential growth of Internet users will have a negative impact on cyber security, he said.
According to Jonker, although the rapid adoption of technologies like the Internet is an initiator for permanent change in society, it also has a negative impact.
Today, organisations can't prevent security incidents occurring with the three billion people that exist on the Internet, said Jonker.
The increase in Internet users and the integration of all systems (Internet of things) is going to exacerbate the cyber security problem, he added.
Firms need resilient systems that report real time when an attack is happening, said Jonker.
In the future, organisations are going to rely more on early detection of a breach, as well as breach containment and corrective solutions, he said.
Share