African organisations are transforming and digitising rapidly, exposing them to significantly more cyber risk. To mitigate these growing risks, organisations need a new mindset and security paradigm shift, with a focus on resilience rather than just perimeter security.
This is according to cyber security experts speaking during a webinar on cyber risk in Africa, hosted by Rubrik in partnership with ITWeb.
Kehinde Popoola, Regional Manager and key representative for West and East Africa at Rubrik, said: “Across Africa, there is a sharp increase in digital transformation among organisations of all sizes – from small and midsize businesses through to governments. With this comes challenges – organisations are more exposed to cyber risk. They are facing a rapid increase in threats and more exposure to vulnerabilities, with increased social engineering attacks, data breaches and ransomware attacks.
“Organisations are losing confidence in their ability to withstand attacks as the attack surface widens. Fortunately, industries are becoming more aware, and cyber security and data protection regulations are being put in place to mitigate the risks,” Popoola said.
“There is a need to adopt an assumed breach mindset. Organisations must consider how well they are prepared for their backups to be attacked, and how well they can recover. Infrastructure security is no longer enough – organisations must secure the perimeter, network, endpoints and applications. They need data resiliency, data observability and data remediation capabilities. They must be able to ensure business continuity and mitigate the risk of exposure, achieve a complete understanding of where sensitive data is exposed, have ransomware immune backups and be able to restore critical data quickly for business resiliency.”
Visibility in complex environments
Filip Verloy, Field CTO EMEA and APJ Rx at Rubrik, noted that hybrid environments challenged many organisations’ ability to secure their environments.
A poll of webinar attendees found that 53% work in a purely on-premises environment, 23% in a hybrid cloud environment with a single cloud, 15% in a multicloud environment and 7% in a single public cloud environment.
Verloy said: “The Rubrik Zero Labs Report found that 90% of IT leaders are managing a distributed hybrid environment – this leads to challenges around visibility. A major issue we see is tooling has been built for data security and management in a specific environment and doesn't necessarily offer visibility and control across the entire environment.”
He said another challenge was that organisations focus their security investment on prevention, with not enough investment on recovery.
Rubrik Zero Labs research found that 93% of attacks target backups, and 73% were successful.
Verloy said: “We advocate a balance between prevention and recovery – you need to think about how you will respond if you are breached. Organisations should not neglect cyber hygiene, but they should also have a resilient plan for after a breach happens. However, our Rubrik Zero Lab report finds that organisations struggle to be resilient because of visibility challenges, data growth outpacing their ability to secure data and the fact that 80% of cyber attacks exploit legitimate access credentials to avoid detection. Achieving resilience comes down to changing the data security paradigm: data castles with moats don't exist anymore; data today is in motion like a caravan.”
Resilience from Rubrik
Eric Badenhorst, Field CTO – SSA at Rubrik, outlined the Rubrik Preemptive Recovery Engine, a unified platform built to secure data, mitigate risks, investigate threats and preserve business continuity.
He said: “Rubrik architecture differs from legacy backup and recovery architecture. Its zero trust, immutable architecture applies a cyber security and cloud mindset to withstand modern threats. It has its own operating system and file system completely undiscoverable from the network – with a native data threat engine using metadata, ML and AI to look for indicators of compromise, known attack vectors and whether sensitive data is stored incorrectly. It also has the ability to quarantine malware, determine the scope of attack and the point of infection, assess the impact on sensitive data, find and quarantine malware, and restore from backup.”
Badenhorst said while data resilience was the bedrock of a zero trust security platform, organisations also required data observability and data remediation capabilities.
Toolsets built into the Rubrik platform include data vaults with 100% immutable backups, built-in scanners and scale-out performance. It also offers encryption detection, sensitive data discovery, threat hunting and isolation and cyber recovery.
He highlighted Rubrik’s Ransomware Response Team, which offers global 24x7x365 support at 1-650-300-5962.
Share