Subscribe

Businesses ill-prepared for cyber attacks

Kirsten Doyle
By Kirsten Doyle, ITWeb contributor.
Johannesburg, 06 Dec 2016

ITWeb Security Summit 2017

Registration is already open for the 2017 Security Summit: six international plenary speakers, #SS17HACK launch, three training courses to choose from, and much more. For the complete agenda, click here.

Today's sophisticated threat landscape, where attackers are increasingly cunning, and threats ever more complex, is driving the need for threat management.

Traditional security tools are inadequate against targeted, blended threats, which combine various strains of malware, and attacks that target individual parts of the network at the same time. This particularly true as businesses are using multiple solutions and vendors for individual security tasks, as each aspect needs to be managed and updated individually, to be updated and able to handle the newest strains of malware.

What is needed is threat management. "Threat management is more around processes and is not specific to a vendor or product set, it is body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorised access," explains Peter Oeschger, head: Information Technology, at the South African Bank of Athens.

Oeschger will be presenting on threat management at the ITWeb Security Summit 2017, to be held from 15 to 19 May at Vodacom World in Midrand.

Speaking of what businesses are doing wrong in terms of threat management, he says: "Most are basically just not doing it period. Currently, only government and financial institutions are doing it at a level that it should be done at. The issue is that cybercrime is now driven by organised crime and attacks are not limited to government and financial institutions.

What should they be doing differently? "They need to start doing it for starters. Start with the basics first, smoothing, such as organisational patch management on a weekly or monthly basis."

Delegates attending Oeschger's talk can expect to gain a clear understanding of the basic steps that need to be taken to secure their organisations, and will be given some real world examples of how both individuals and organisations are defrauded in South Africa.

Share