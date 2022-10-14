The multi-modal approach to cyber security taken by CICT (an Elvey Group company and part of the Hudaco Group of companies) involves selecting suppliers who have a proven track record in the ICT space, with emphasis on providing maximised safety and security for the online assets of businesses from SMEs up to enterprises.

As Mimecast’s sixth annual State of Email Security[1] 2022 report makes clear, businesses around the world continue to find themselves in the cross-hairs of a flurry of new cyber attacks. The report contains feedback from 1 400 IT and cyber security professionals from 12 countries, including South Africa.

Phishing was the biggest culprit: 96% of companies have been the target of an e-mail-related phishing attempt, with 65% reporting an increase in such attacks. Ransomware is also running amok.

Among the South African SOES respondents, nine out of 10 reported an increase in e-mail volume at their organisations. At the same time, three-quarters of the respondents said the number of e-mail-based threats had also risen, with 55% citing concerns over the sophistication of e-mail-based attacks.

The report highlights increased apprehension over the dire consequences of an e-mail-borne attack. A majority 67% of local survey respondents believe it is likely, extremely likely or even inevitable that their organisations will suffer negative consequences in 2022 due to an e-mail-based cyber attack.

An organisation’s cyber resilience outlines how well can it identify and prevent new threats, and how quickly can it recover from those that get through.

Interestingly, the survey highlights the benefits of adopting artificial intelligence (AI) or machine learning (ML) technologies, with 63% of respondents from companies with some type of AI or ML technology in place saying they had increased the accuracy of their threat detection; 47% said their threat prevention efforts had improved; and 53% noted that human error on the part of the cyber security team had been reduced.

Let’s unpack some of the statistics around e-mail-related attacks:

65% saw an increase in phishing with malicious links and attachments;

39% saw an increase in impersonation fraud or business e-mail compromise (BEC);

46% reported increased cases of internal threats or data leaks by compromised, careless or negligent employees;

50% detected increased cases of fraudulent use of their company’s brand via spoofed e-mail; and

37% found increased cases of misuse of their company’s brand via spoofed website.

Ransomware also has a serious effect on businesses. Respondents reported that:

60% of businesses experienced disruptions from ransomware (up from 47% the previous year);

35% of them paid the ransom – however, 43% of those that paid the ransom did not get their data back; and

An average of 11 days of downtime was incurred.

Brand impersonation remains a dire concern for businesses, and rightly so, with 37% reporting an increase in counterfeit websites. Thankfully, 98% of respondents said that they either already use or have short-term plans to use a brand protection service. Furthermore, 20% of companies are already using DMARC (Domain-based Message Authentication Reporting & Conformance), 32% are in the process of implementing the protocol, and 34% planning to do so in the next year.

Cyber attacks that spread from one infected employee to others are on the rise. When asked to name the biggest risks of employees making serious security mistakes, 78% of respondents cited poor password hygiene, 81% pointed to misuse of personal e-mail, and 67% identified use of collaboration tools. When asked what they expected their biggest security challenges to be in the coming year, 41% of local respondents said one of their biggest concerns was employee naivete.

The minority (32%) of the South African SOES survey participants said their company provides cyber awareness training on a regular, ongoing basis, with another 22% saying their company provides monthly training. More than 80% of respondents believe their company is at risk due to inadvertent data leaks by careless or negligent employees, and almost as many (77%) have been hit by an attack that spread from a compromised user to other employees.

In a nutshell, according to the report, although most of the companies surveyed are at least thinking about the need for a cyber resilience strategy, only a little more than a third have one in place. Clearly companies need to prioritise cyber security as a pressing issue and accelerate its adoption to mitigate the often-dire consequences of a cyber attack.

The best policy – cyber risk insurance

Cyber insurance, also known as cyber risk insurance and cyber liability insurance, protects businesses from the impact of cyber crime. Hand-in-glove with this, good cyber security can help with cyber insurance in multiple ways: from facilitating access to a policy approved through underwriting, to lowering premiums and reducing the likelihood of making a claim. Eighty-four percent of organisations have some form of cyber insurance, according to an independent survey of 5 000 IT decision-makers in mid-sized organisations commissioned by Sophos.[2]

There are three main benefits to having cyber insurance:

Financial. The insurance covers costs in the event of a cyber incident; Operational. The insurance team provides immediate access to experts in the event of an incident, including IT forensics specialists, privacy lawyers and PR professionals; and Peace of mind. Having cyber insurance gives confidence to customers, partners, suppliers and employees that a business is prepared and covered should a cyber incident strike.

While cyber insurance claims can be triggered by a wide range of incidents, the most frequent cause of claims, according to NetDiligence’s Cyber Claims Study 2020, are four common threats: ransomware, social engineering, hackers and business e-mail compromise (BEC).[3]

There is a direct relationship between cyber security and cyber insurance, so having strong cyber defences in place can help in a number of ways. Good cyber security can:

Make it easier to get cyber insurance; Help reduce premiums; Reduce the likelihood of making a claim – and inducing higher premiums in the future; Reduce the risks of non-payment; and Minimise the impact and cost if an incident occurs.

By deploying the right software and systems, cyber security will be enhanced, with a positive influence on favourable consideration by cyber insurers.



Sophos Managed Detection and Response (MDR) enables organisations to achieve many of the cyber controls that are key to insurability. With Sophos MDR, businesses benefit from both an expert threat hunting and neutralisation service and advanced protection technologies:

24/7 threat hunting, detection and response service delivered by Sophos expert operators.

Sophos extended detection and response (XDR) tool, enabling users to access live and historic data across their endpoints and the wider environment for macro-level assessment and granular deep dives.

Sophos Endpoint protection software, giving users world-leading cyber security for their devices and workloads that stops more threats, faster.

Similarly, the Sophos Managed Threat Response (MTR) service is a fully managed service. Combining endpoint and network visibility can aid in a variety of use cases, including:

Detect threats at the edge;

Identify threats on the wire;

Augment investigations with enhanced telemetry;

View untrusted traffic; and

Additional prevention and oversight for non-MTR managed devices.

Sophos MTR Advanced customers can fully deploy Sophos XG Firewall across their environment or deploy XG Firewall in tap mode, while utilising a non-Sophos firewall. In addition, they have the option to deploy the MTR Network Sensor to gain network telemetry.

Cyber security comprises several elements that work together to provide the strongest defence against attack and optimum recovery post-event. The CICT team customises integrated solutions that provide businesses with an arsenal of defence mechanisms.

