Johannesburg, 17 Jun 2020
Traditionally, cyber security was perceived as a preventative programme – one that mitigates threats to existing technology and one where IT infrastructure’s key focus was based on the functionality of the application, the network, the sever and more. However, as the corporate landscape changed and technology created a more connected world, and as data breaches continued to rise, it is easy to see why organisations are apprehensive to implement new technologies into their operations and offerings. In a new reality, a threat is likely to occur if it has not already, and the threats are becoming more advanced.
Herman Kriel, GM for Data Protection at CyberTech, says: “Emerging technologies are essentially changing the meaning and significance of security, and as a result, there is no such thing as “secure” anymore. When evaluating emerging technologies like blockchain, artificial intelligence, the Internet of things (IOT), autonomous systems and more, it shows every indication that network security, information security, encryption and vulnerability management are necessary tools. The growing security threats have no obvious front, borders or armies and with countless annual cyber attacks, cyber crime has become a real threat to everyone today.”
Kriel states: “We need to work on our digital behaviour. We are slowly migrating from a paper-based world to a more digital approach. Nowadays, we are exposed to more data. Spending a day on the Internet, an average person is exposed to more data than they would have been in a year, a couple of years ago. We are still under the impression that we are working with documents in a protected way because we printed a document, when in fact that document has a digital journey and could have been attacked anywhere along the route before it was printed. Our approach needs to change in this digital era in which we are living. We need to be vigilant around the data and not specifically the documents.”
We also grew up thinking that a signature is something that you physically need to put on a piece of paper. That is no longer the case. As a result of the 2020 pandemic, with employees now having a remote home offices – signing simple documents like contracts might not be signed physically, forcing businesses to find secure alternative tools. Now the challenge becomes how do we engage the data in an electronic environment? How do we protect that data? What do we require to ensure that if I signed a document, it can be confirmed that it was me who signed it? If I sent out a document, how do I ensure that the document is received on the other side by the right people? How do I guarantee that the people who are in my environment are the right people?
According to Kriel, there are several products within the CyberTech stable that can assist in this regard. SigniFlow has been utilised with great success in the managing and digitisation of documents, while the Galaxkey product offering ensures that data is communicated correctly and kept secure in your organisation’s cloud. Last, but not least, the digital ID solution, MyID, ensures the people in your network are the ones who are supposed to be there.
It is very important to remember that, ultimately, technology should be an enabler for us – making our lives easier. Kriel points out the way we should approach it is – what can it do for me? He lists three criteria, first and foremost: how can technology identify me to be in the relevant environment? Secondly, how do I protect my data – meaning, how do I sign something and make sure that it was not tampered with? And thirdly, how do I communicate that information? When it leaves my organisation, how do I guarantee that it is sufficiently protected? He feels that our whole approach needs to change. We usually look at encrypting data when it is “at rest”, in other words, stored in a database. We seldom look at data when it leaves our organisation. The security needs to travel with the data when it leaves your office. You need to ensure that no matter where your data goes, it's protected.
This type of protection requires a multi-layered approach. Businesses need to ensure their data is secure and protected by including various safeguards, like firewalls, anti-virus software and, ultimately, encryption. Encryption is the final level of data protection. Even if your data is stolen, the culprits would need the key to “unlock” it. Your business can continue as usual, because your data has been encrypted on your side and cannot be decrypted and used. Mobile technology is a prime example of the need for vigilant cyber security. Mobile technology is available anywhere, anytime, anyplace. You, as the consumer, need to be sure that the source of information is in fact the correct one (ie, banks) and that the data being sent to you is protected through encryption. Imagine your cellphone being stolen and all the sensitive information that is now at risk.
Kriel concludes by saying: “If we embrace technology to help us with technology, we will be able to do things faster, quicker and safer. If you apply it correctly, you will always benefit from it. Rely on the right technology to help you navigate the digital highway safely.”
Share