The festive season is a time for celebration and relaxation. However, while businesses slow down for the traditional holiday period, cybercriminals ramp up their operations taking full advantage of the skeletal staff and increased online activity.
Last year, 66% of South African organisations across all industries reported downtime following a cyber incident, and 85% of those confirmed the incident took place during the festive season.
Considering the growing threat landscape which is best exemplified by the number of malware detections, which tripled between the second half of 2021 and the first half of 2022, it is imperative that businesses take cybersecurity seriously this festive season.
Yet, there is still a significant lack of investment in cybersecurity by businesses across the continent. Recently, key stakeholders of the local team from leading cybersecurity provider, Trend Micro, came together to discuss the state of cybersecurity in Africa and provide insights into how businesses can prepare for the upcoming festive season and beyond.
The South African playground
Africa has not traditionally been a high-value target for malicious groups resulting in fewer attacks than regions such as Europe. However, since 2020 this has started to change. During the rush to digitalisation, malicious groups noticed the lack of proper protection in the region and began turning their attention to Africa. Although Africa still does not hold the highest value targets, ransomware groups have begun utilising South Africa as a testing ground for their newest programs and viruses. Over the past two years, the number of malware detections in the region has grown exponentially, reflecting this growing trend and highlighting the importance of a change in mentality towards cybersecurity across all industries in Africa.
The people problem
Too often is technology seen as a silver bullet. The same can certainly be said about cybersecurity solutions. While having a comprehensive solution is crucial to protecting your network and data from malicious actors, training your staff to become cyber-aware and implementing a strategy that prioritises people, process, and technology is vital to achieving actual cybersecurity. In fact, many consider insider threats to be more of a problem than that posed by malicious groups. In South Africa, Business Email Compromise is still a top vector for hackers. While insider threats certainly can be malicious, often they are as simple as an uneducated employee falling for a phishing email or even connecting to a public network without using a VPN, putting your data at risk. Ensuring your employees across the entire business understand cybersecurity is extremely important to maintaining a safe digital presence.
Shared responsibility
“The shared responsibility model is an alarmingly misunderstood approach to protecting your cloud environment.” Said Russell Young, Cloud Solution Architect at Trend Micro. “The misconception that hyper scalers are responsible for the protection of your online cloud environment is one of the leading reasons cloud misconfigurations and tunneling are also common methods of attack.”
The truth of the situation is far more complex with responsibility being divided at different levels depending on the agreement with your cloud provider. However, the fundamental underpinning for this model is that hyper scalers are responsible only for the protection of the physical hardware from which your cloud runs. This leaves you, the client, responsible for the protection of the digital space.
No such thing as one size fits all
Just as technology is not a silver bullet, neither is any single protection product, especially when looking at the cloud. Often businesses will adopt a security solution thinking that it is protecting their entire environment, only to be surprised when a vulnerability they thought was patched is exploited. When it comes to the cloud, depth of protection and ensuring you are more secure than the next company is the best approach. Starting with an audit and then implementing protection one category at a time.
The need for a cybersecurity community
The solution which is perhaps most crucial in ensuring a secure digital future is the need for businesses to create a cybersecurity community. As cybercrime has evolved from single actors working in isolation to a formalised and highly lucrative operation, malicious groups have been able to develop more sophisticated malicious software and also make malware available to a wider audience. It is important that security keep up with this rapidly growing industry. The best hope we have of doing so is by creating an educated and aware community around our business.
“Cybersecurity needs to be the responsibility of everybody, from executive to consumer.” Said Emmanuel Tzingakis Technical Lead for Trend Micro Sub-Saharan Africa. “People need to start treating cybersecurity in the same way we treat our physical security. Moving the responsibility for protection out of the IT department and sharing the load across all employees and consumers is critical to combatting the rising sophistication and volume of cyberthreats and keeping businesses safe this festive season and beyond.”
Read next: The most common passwords of 2022 are…
