SA cyber security, compliance inadequate as criminals gain ground
- A single successful attack on a single unprotected device can prove crippling for an organisation.
- Countries in the world’s top 10 in terms of cyber security maturity keep getting better, while South Africa lags.
- Average time to detection is 287 days, and most organisations find out about it from third parties.
- Gijima to host virtual sessions on understanding zero trust in enabling business resilience and how you can re-architect your security landscapes post the COVID-19 outbreak.
Except for pockets of excellence, much of South Africa is falling further behind the world in terms of cyber security preparedness, and with it, business resilience.
According to 2021 data published by Comparitech, South Africa achieved a risk score of 20.29, a small improvement from 34.39 in 2019, but South Africa moved further down the list, which means we are not keeping up. By comparison, Denmark improved from 12.04 in 2019 to 3.55 in 2020 and remained in first place.
In a conversation with renowned cyber security expert and Specialist Sales Executive: Security at Gijima, Lukas van der Merwe, he notes that recent high-profile attacks illustrated not only the vulnerability of local organisations, but also the impact that attacks can have on business operations. “As we have seen, a single successful attack on a single unprotected device can prove crippling for an organisation,” says Van der Merwe.
Based on the Comparitech data and Van der Merwe’s assertion, it goes without saying that many South African organisations – even large enterprises – often do not attend to even the most basic cyber security controls. There are, however, pockets of world-class excellence, such as major banks in the country. “Overall, South Africa appears to be lagging the rest of the world in this regard. Countries in the world’s top 10 in terms of cyber security maturity keep getting better, while those at the lower end continuously get worse. We are not where we should be; and anyone who says they haven’t been breached may just not be aware of it, since the frequency and sophistication of attacks make it inevitable,” he says.
According to Van der Merwe, organisations with inadequate security infrastructure may well have been breached or have malware in their environment. He notes: “For example, IBM reports that the average time to detection is 287 days, and most organisations find out about it from third parties. Not everything is as obvious as ransomware, which is immediate, absolute and can’t be missed. But a data breach with the quiet exfiltration and sale of data could potentially be far worse.”
Van der Merwe, who has worked in the field of cyber security in countries such as the United Kingdom and is a thought leader and sought-after speaker in everything cyber security, asserts a lack of proper security and data governance also means many organisations may not yet be compliant with the Protection of Personal Information Act (POPIA). “The extent of the challenge to identify and classify information and put access roles in place – which is necessary both for POPIA compliance and a zero trust environment – is such an immense task many cannot get their heads around it. A number of organisations are simply not POPIA compliant, and there is still a lot of work to be done.”
The question, however, remains: Is the implementation of advanced cyber security defence and an effective zero trust framework a solution? How prepared are companies in investing in such a solution?
“Only a handful of organisations are implementing a zero trust framework and investing heavily in cyber defence. For most, it seems prohibitively expensive and complex,” say Van der Merwe. He believes if you decide to do it in-house and using a go-alone approach, this is an intensive project that could run months before seeing results, and it’s a never-ending process as new threats and technologies emerge. “This is where managed service providers such as Gijima offer significant value – with shared investment lowering the barrier to entry, and skills on board to support the entire spectrum of controls and technologies.”
Gijima’s capabilities are the result of the acquisition of T-Systems South Africa’s cyber defence centre as well as over 10 years of diligent investment in skills and processes. “At the core of our end-to-end security portfolio is advanced cyber defence, which is supporting major enterprises in South Africa, Europe and North America. However, this enterprise-grade advanced cyber defence is accessible to even smaller and mid-sized organisations: Our smallest customer has only around 60 employees,” he concludes.
Gijima, one of South Africa’s level one AAA+ B-BBEE status ICT providers, will be hosting a virtual discussion on the advanced cyber defence security capabilities and zero trust framework. This discussion will be breaking down the various steps into the zero trust framework and how cyber security is a component of building business resilience in the evolving age where businesses have been forced to implement changes in their approach to security because of employees working remotely.
If you are interested in the virtual discussion on understanding zero trust in enabling business resilience, you can express your interest to join their series of roundtables that will focus on re-architecting security landscapes post the COVID-19 outbreak, by registering here https://www.itweb.co.za/microsite/gijimabusinessresilience/webinar.