Hiding under false sense of security

By Tracy Burrows, ITWeb contributor.
Johannesburg, 14 May 2014
Many enterprises think that because they are at the 'bottom end of Africa', they are not at risk, says StarLink SA sales manager, Wayne Donnelly.
Many enterprises think that because they are at the 'bottom end of Africa', they are not at risk, says StarLink SA sales manager, Wayne Donnelly.

Many South African enterprises are labouring under the illusion that they are not at risk of being targeted by cyber criminals, and that traditional approaches such as anti-virus, perimeter and unified threat management solutions are still adequate, says StarLink SA sales manager, Wayne Donnelly.

"We find that many enterprises think because they are at the 'bottom end of Africa' or do not have extensive financial information in their databases, that they are not at risk," says Donnelly.

"This is a fallacy. Now, it is not a case of 'if you get breached', it is 'when you get breached'. In many cases, enterprises have already been breached, and are being monitored quietly from within. Even enterprises that believe they have little information of value to attackers can become a means to an end for criminals, as they can be used as a doorway to the real target - their customers or business partners."

Donnelly says multiple breaches occur daily, but South African legislation does not enforce full disclosure, so contributing to the false sense of security.

"These breaches are happening in the background, but people don't realise how often it is happening, nor do they have true visibility of the extent of their vulnerabilities. So they tend to view information security as a grudge purchase or 'insurance policy' and take the approach that they will cross their fingers and hope for the best."

StarLink, now stepping up its presence in SA and across Africa, says it sees a significant increase in the threats facing local enterprises.

"The threat landscape has changed significantly in recent years," says Donnelly. In SA and across Africa, new connectivity and a massive swing to mobility are adding to the new risk, while changing tactics by global cyber criminals means strategies that were appropriate only two or three years ago are now obsolete.

ITWeb Security Summit 2014

Now in its ninth year, the ITWeb Security Summit is southern Africa's premier information security event for IT and business professionals. It is presented by ITWeb, SA's leading technology-focused publisher, with media products and services that span online, print and events. The ITWeb Security Summit 2014 is endorsed by ISACA and (ISC)^2 Gauteng Chapter and will be staged at the Sandton Convention Centre from 27-29 May. For more information, go to Join the conversation on Twitter at #itwebsec.

"The traditional perimeter approach is no longer effective, and enterprises have to move from being reactive to being proactive. The most effective model now is a defence in depth approach. Enterprises need full visibility of what is happening within their environment, in addition to traditional solutions," says Donnelly.

StarLink will participate in the upcoming ITWeb Security Summit.