Cyber security awareness 'severely neglected'
Malicious insider behaviour, targeted spear-phishing and social engineering attacks are the top factors in cyber security breaches at South African corporates, says Craig Rosewarne, MD of Wolfpack Information Risk.
Much of this, he adds, is due to the value of cyber security and awareness training having been "severely neglected" by local organisations.
Rosewarne will co-present at a "Cyber security survival for your company" workshop during ITWeb Security Summit 2015, which will take place at Vodacom World in Midrand next month.
He says Wolfpack is seeing "an overwhelming demand for security awareness and customised training programmes for certain major government and private sector companies".
Companies should invest in skills development "at all levels, from senior executives to IT to users - to make them aware of the rapidly changing risk landscape, how to identify weaknesses and report incidents, and the personal and business implications of failing to apply good information security practices", Rosewarne says.
The workshop will empower delegates to understand the cyber threat landscape and determine their company's risk profile, and align their cyber security strategy with governance, risk management and compliance requirements.
Rosewarne says the majority of companies not yet aligning these elements are struggling to do so due to "complexity and a shortage of resources, especially funding, skills and time".
Two more half-day workshops are also on offer at this 10th annual information security event from ITWeb. SensePost CTO, Dominic White, will facilitate the "Next-generation WiFi hacking - new tools for hacking in a converged world" workshop, and an "E-mail security for the real world" half-day session will be presented by Rocco Donnino, executive VP: corporate development at AppRiver.
ITWeb Security Summit 2015 takes place at Vodacom World in Midrand from 26-28 May. Click here to find out more and to register.