Johannesburg, 24 May 2021
The year 2020 will be remembered for the huge upheavals caused to businesses, governments and students, as all migrated from working in an office to working remotely from home. This shift resulted in a massive migration to the cloud, which was not lost on the cyber criminals, who saw this as an enormous opportunity to cause harm. An organisation's cyber security posture is only as strong as its weakest link, and cyber criminals shifted their focus from infrastructure to people.
The increasing amount of large-scale, well-publicised breaches suggests that not only are the number of security breaches going up – they're increasing in severity as well. The 2020 Cost of Data Breach Report, sponsored by IBM Security and conducted by the Ponemon Institute, found the following data in South Africa.
The average time to identify a data breach increased to 177 days (from 175 days in 2019), and the average time to contain the data breach once identified decreased to 51 days (from 56 days in 2019). In South Africa, the three root causes of data breaches identified as a malicious or criminal attack (48%), human error (26%) and system glitches (26%).
Investments in intelligent technology resulted in lower breach costs, as companies that had fully deployed security automation technologies experienced lower data breach costs than those that didn't have these tools deployed. The study showed how costs were much higher for South African organisations that had not yet invested in areas such as security automation and incident response processes – and how complex security systems and cloud migration cost companies the most.
The report highlights the growing divide in breach costs between businesses in South Africa implementing advanced security technologies and those lagging behind, revealing a cost-saving difference of R2.5 million for South African companies with deployed security analytics versus those that have yet to deploy this type of technology.
In global findings, stolen or compromised credentials and cloud misconfigurations were the most common cause of malicious breach for companies in the report, representing nearly 40% of malicious incidents.
Some other global statistics show the following:
- Thirty-four percent of data breaches involved internal actors;
- Fifty-three percent of companies had over 1 000 sensitive files open to every employee; and
- Sixty-one percent of companies have over 500 accounts with non-expiring passwords.
Cyber criminals often use stolen passwords from one account on others, counting on some level of password re-use, and it is this re-use when part of a breach replay attack that is a frequent conduit of e-mail and cloud account compromise.
No matter how well you manage your IT infrastructure, you can't patch your way out of these people-centred attacks.
About the author:
Andrzej Jarmolowicz is co-founder and Operations Director at Cybershure. The company is a distributor of bespoke IT solutions, with offices in London and South Africa, and is a partner of Fudo Security.
Share