South African companies are warned that cyber crime is set to increase in 2013 and will place their profitability, their competitiveness and perhaps even their existence at risk.
An alarming fact is that South Africa hosts the third-highest number of cyber crime victims in the world, behind only Russia and China, according to the recently released Norton Cybercrime Report for 2012.
The report also shows that cyber crime is growing at rates never seen before. It states there are 556 million global victims of cyber crime per year, which equates to over 1.5 million victims per day, or about 18 victims per second. Furthermore, Norton puts the global price tag of consumer cyber crime at $110 billion.“These statistics are astounding, but to put it in a local perspective, The South African Cyber Threat Barometer 2012/13 puts the total direct losses to cyber crime in South Africa between January 2011 and August 2012 at R2.65 billion. Of this, an estimated R662.5 million was not recovered,” says Hedley Hurwitz, MD of Magix Security.
With cyber crime growing unabated and little help from government to deal with it, it is up to business to tackle this problem. Hurwitz says cyber crime is set to increase in 2013 for four primary reasons.
The latest employment statistics show that unemployment is up, and if the recent census data is correct, unemployment is even higher than the figures supplied by Statistics SA. More people without work quite simply means more soft targets for syndicates.
Internet and mobile access continues to grow
With more people online and accessing the Internet via their cellphones, companies have to continually add new security measures to protect themselves. However, the more complex the access and authentication controls, the bigger the loopholes and vulnerabilities that cyber criminals can take advantage of.
“The reality is that syndicates are at an advantage because they work full-time focused only on finding ways to find and exploit vulnerabilities,” adds Hurwitz.
Insider threats grow
The primary threat to business is from insiders who are working for syndicates or for themselves. Most often it is middle and senior managers with access to sensitive information or corporate bank accounts, who feel justified in stealing from their companies.
“If you're under financial pressure and someone offers you R10 000 for a copy of your company's client database, many people will comply,” notes Hurwitz. “It's not like you're taking the database, just a copy; nobody gets hurt and you get an unofficial bonus.”
SA lags in insider threat awareness
Insider fraud has always been seen as a cost of doing business, but with the realisation of the actual costs involved, companies are starting to pay attention to it. “In a perfect world, we can simply trust our employees,” says Hurwitz. “In the real world, however, trust must be earned.”
As revenue declines and business leaders are forced to focus on cutting costs, 2013 will be the year of increased focus on cyber crime in all its forms. “This is a risk companies will have to mitigate through a variety of means,” says Hurwitz. “However, in mitigating cyber crime, businesses will be pleasantly surprised at the amount of money they will save. In larger companies, the money saved can translate into millions of rands added directly to the bottom line.”
Magix Security is an enterprise risk management company that specialises in identifying and eliminating risks and threats that emanate within organisations. The company provides technology-assisted information security, IT risk management and IT compliance services and solutions to a wide array of businesses and organisations across South Africa. Its technology-based solutions help detect and prevent the abuse of data, and misuse of applications, IT assets, and authority. In doing so, Magix Security helps its clients to eliminate the “insider threat”, where the bulk of transgressions are known to occur and originate. It also helps clients manage their compliance and governance, eliminate fraud, information leakage, acts of sabotage, collusion, and bandwidth abuse.
Magix Security is a privately-owned, South African-owned company with offices in Johannesburg and Cape Town. Further information can be found at http://www.magix.co.za.
Our comments policy does not allow anonymous postings. Read the policy here