Shielding your business: Expert insights on cyber security readiness

Johannesburg, 31 May 2024
Siarhei Fedarovich, Expert, IBA Group.
Siarhei Fedarovich, Expert, IBA Group.

In an exclusive interview, we posed six important cyber security questions to our expert, Siarhei Fedarovich, who shared his insights on the evolving threat landscape, effective strategies and recommendations, and data protection measures for businesses.

1. Given the rise in cyber attacks lately, have you noticed if there has been an uptick since the introduction of AI?

Indeed, as technology evolves, cyber attacks are getting more widespread and sophisticated. Regarding the use of AI in these attacks, there are some trends worth noting:

  1. Automated cyber attacks: AI and machine learning allow cyber criminals to automate attack processes, making them larger in scale and more effective. For example, AI can help create tailored phishing messages or adaptively bypass defensive measures.
  2. Threats from autonomous cyber attacks: The ability to launch autonomous attacks, where AI makes decisions and adapts to the environment independently, is a significant cyber security threat. AI-powered botnets, for instance, can carry out massive distributed attacks without human intervention.
  3. Attacks on machine learning models: This involves tampering with training data to manipulate model outputs or crafting adversarial attacks aimed at breaching systems protected by machine learning.

While AI can be used for both defence and offence, it's still unclear if the overall number of cyber attacks has risen specifically because of AI. Nonetheless, the use of AI in cyber crime poses a serious threat, underscoring the need for continuous improvement in detecting and defending against such attacks.

2. How can organisations effectively train their staff in cyber security?

To ensure our staff are well-versed in cyber security, we've crafted comprehensive training programmes that cover all facets of information security. We make learning interactive and engaging through webinars, workshops and hands-on exercises. Our focus is not just on the basics; we delve into industry-specific security concerns relevant to our sector. We regularly update training materials and assess progress to keep pace with evolving threats and the needs of our team. Cyber security is an ongoing journey, not a destination, so we emphasise continuous learning and reinforcement to keep our staff vigilant and informed.

3. Could you offer some professional cyber security recommendations specifically designed for businesses?

Develop a cyber security strategy: Formulate a policy and cyber security strategy encompassing protective measures, monitoring, staff training and incident response.

Educate staff on cyber security: Conduct regular training for employees on information security fundamentals, as well as specific threats and protection methods tailored to your industry.

Update software and secure devices: Regularly update operating systems, applications and anti-virus software on all devices within the organisation.

Encrypt sensitive information: Conduct regular security audits, monitor network traffic and system logs to detect anomalous behaviour.

Develop an incident response plan: Establish a cyber incident response plan encompassing detection, response, recovery and lessons learned.

Perform regular security assessments: Conduct penetration testing, vulnerability assessments and other security checks to identify vulnerabilities and address them before they can be exploited by malicious actors.

Seek professional assistance: At IBA Group, we continuously analyse cyber security trends and closely monitor the evolution of technologies and methods used by attackers. Our team of cyber security experts constantly updates protection methodologies and tools to stay ahead of potential threats. We also understand that each company is unique, so our approach to working with clients is individualised. We meticulously analyse their infrastructure, current security posture and operational specifics to develop the most suitable and effective protection strategies. Our goal is not just to provide clients with standard solutions, but also to create unique, precisely tailored solutions that meet their needs and requirements.

4. What types of data are particularly challenging to safeguard against cyber attacks? Any recommendations to mitigate these risks?

The most challenging data to protect from cyber attacks includes user confidential information, intellectual property and key infrastructure. To prevent breaches of confidentiality and data leaks, we recommend implementing data encryption, multi-layered protection, staff training, monitoring and auditing, regular security updates as well as raising awareness among employees about the latest threats and defence methods.

5. What should be the comprehensive approach to safeguarding business data?

A comprehensive approach to safeguarding business data is essential for ensuring information security in today's digital world. This approach involves several key measures. Firstly, it's imperative to establish and enforce a robust cyber security policy encompassing all facets of data security – from backup protocols and encryption practices to access management and incident response strategies. Regular backups and recovery drills are essential for swift restoration in the event of cyber incidents. Data encryption serves as a vital shield against unauthorised access to sensitive information. Moreover, effective access controls and ongoing employee training on cyber security fundamentals help mitigate internal risks. Proactive monitoring and threat detection ensure swift incident responses, while a well-defined incident response plan provides a structured framework for resolution. Continual refinement of cyber security policies and procedures is key to staying ahead of evolving threats and maintaining robust data protection.

6. How to detect a cyber attack?

Identifying the inception of a cyber attack may present challenges, yet there are several discernible indicators to heed:

Unusual system log activity: Anomalies such as failed login attempts, unauthorised access to sensitive data or modifications to system files warrant scrutiny as potential precursors to a cyber attack.

Anomalous network behaviour: Sudden spikes in network traffic, unauthorised attempts to access network resources or attacks on network services may indicate the initiation of a cyber attack.

Emergence of suspicious communications: Phishing e-mails, malicious attachments or links and other dubious messages merit scrutiny as potential signs of a cyber attack initiated through social engineering tactics.

Unexpected changes in systems or applications: Instances of newly introduced software, configuration alterations or unexpected shifts in system and application behaviour, and absent administrator approval should raise suspicion of compromise.

Security system alerts: Notifications from security monitoring systems detecting aberrant activity or potential intrusion attempts should be regarded as early warnings of a potential cyber attack.