Early warnings essential to infosec success
While the advent of King III and the Protection of Personal Information Act have spurred major improvements with regard to information security, business and IT leaders are still not doing enough.
This is according to Vernon Fryer, chief technology security officer at Vodacom, who believes the top priorities for infosec decision-makers are monitoring security events in real-time, improving their patch management processes, and creating better awareness of the risks inherent to inadequate security measures.
Fryer will present on: "Cyber hunting - knowing the lay of the land and where attackers hide" at ITWeb Security Summit 2015 in Johannesburg next month.
Fryer will join other South African infosec leaders sharing their expertise in combating the challenges being experienced by local corporates in today's threat landscape.
Among them are Steve Jump, head: corporate information security governance at Telkom, who will concentrate on the need to develop cyber threat dashboards for the board. Also on the programme is Jason Jordaan, founder and principal forensic scientist at DFIRLABS, who will draw on his digital forensics experience and reference recent attacks on Gautrain and Eskom to expand on the shortfalls of law enforcement strategies, and show how to successfully counter organised cyber crime.
Commenting on current trends in the cyber threat landscape in Africa, Fryer says: "Over the past 18 months, we have detected a marked increase in DDOS attacks against Nigeria, Tanzania, Zambia and Kenya. South Africa is very much the same as Nigeria. We are detecting an increase in botnet traffic and digital ransomware is more mature. Most of the malicious threats are coming from Russia via the US.
"Vodacom has the largest security operation centre in Africa. We are monitoring more than 126 countries in our SOC [security operations centre], which gives Vodacom early warnings and the ability to mitigate DDOS attacks. Over the last six months, all network operators have been facing the same vulnerabilities.
"Mail spoofing and social media are the new 'greenfields' for identity theft. DDOS still remains the number one for South Africa and Africa," he adds.
ITWeb Security Summit 2015 takes place at Vodacom World in Midrand from 26-28 May. Click here to find out more and to register.