Alaa Bawab, General Manager for the Middle East and Africa
Cybersecurity in South Africa is an ongoing concern, as the country, like many others, faces various cyber threats. A significant number of cybercrime incidents are experienced regularly, including phishing attacks, malware infections, online fraud, and data breaches. These threats target individuals, businesses, and state institutions.
The South African government has recognised the increase in ransomware attacks, acknowledging the importance of cybersecurity, and has taken major steps to address the issue. The Cybersecurity Hub was established in 2018 to enhance coordination and collaboration between government entities, law enforcement agencies, and the private sector. Additionally, the Cybercrimes and Cybersecurity Bill has been introduced to update legislation and strengthen legal frameworks. Businesses understand they need to be investing and doing more when it comes to cybersecurity, with Lenovo research showing that 59% of leaders are likely to invest in security tools in the next five years.
There is an increasing emphasis on developing cybersecurity skills and expertise within South Africa. Various initiatives, such as training programs, certifications, and cybersecurity competitions, aim to build a skilled workforce to combat cyber threats effectively. Given the complexity of the threat landscape, companies must embrace a dynamic security response using these skills, and ensure they safeguard their data by selecting the correct methodologies and professional solutions which have been built with safety and security in mind.
Understanding the threat landscape
When creating an effective cybersecurity strategy, it’s important to understand that threats have evolved to come from all angles, and can often bring businesses to their knees. In the past, we’ve thought of security as a fence in which data can flow freely across the business, but that is sadly not the case. A notable cyber attack incident in South Africa is the June 2018 data breach incident that affected Liberty Holdings, a prominent insurance and financial services company.
The cyber attack was orchestrated by hackers who gained unauthorized access to Liberty’s IT infrastructure. The attackers used sophisticated techniques to infiltrate the company’s systems and exfiltrate a large amount of sensitive customer data. The cybercriminals managed to access and steal a considerable volume of confidential customer information, including personal details, policy documents, and financial records. The breach compromised the data of millions of Liberty’s clients, exposing them to potential identity theft and financial fraud risks.
This is a clear example of how companies need to ensure that their defences are on a completely different level. You would never take your server or storage system off-site, thankfully, but if an attacker can get at that amount of data that is in a server, they can access all the operations in the business. Leaders, therefore, require built-in security systems that can handle major problems like the one stated above.
It’s also important to recognise the reputational damage caused by a cyberattack. It’s not just the loss of data; if you can’t get it back quickly, it can be massively impactful for customer trust and loyalty. In the eyes of the public, transparency is also a crucial element. If a company is hit by a cyberattack, it must be clear about what’s happened, communicate it with its customers, and outline what actions have been implemented to resolve the issue.
Infrastructure with built-in security
So how does a company defend its data in this ever-changing world? For a start, there are smarter things they can do with their IT hardware and infrastructure. That means choosing data management solutions with end-to-end security built in, stretching from edge to cloud. Wherever your data is, it must be defended.
Modern IT infrastructure must be built to handle increasingly sophisticated security threats – and that means built-in recovery capabilities. It’s becoming more essential that there is an audit trail through the whole lifecycle of machines. Servers are incredibly valuable objects to a business: leaders ideally need tamper detection and monitoring embedded into the actual chip design. Server monitoring, the systematic tracking and measurement of processes and operations on a server, can be used to collect insightful data and draw conclusions about the health and condition of servers. This ensures they are reaching an optimal level of performance.
Having a data protection plan is also of paramount importance. Companies must assume they will lose data and create a situation where they can recover it. No matter if it’s in the cloud, or on the edge, they need a system to back it up. If businesses put data in a safe place, they can get hit and still come back. A robust data protection plan improves security and protects company assets by helping to prevent breaches and data leaks. This means that organisations can avoid the financial impact of a security breach, protect assets, safeguard customer data, and uphold the company’s reputation and brand.
To adapt to today’s rapidly shifting cybersecurity environment, business leaders also need to take a longer view and adapt to current and future threats. Data must be protected from a machine’s inception, through its life, to the point where it is securely deleted in a compliant way. For maximum peace of mind, leaders should opt for suppliers that have secure supply chains and knowledge of every component back to its original manufacture. Outsourcing infrastructure and software to third parties effectively spreads a company’s threat surface, which means it’s important to run regular assessments of security risks in the supply chain and understand the procurement standards of each supplier. This will empower businesses by identifying exactly which areas are most vulnerable and consequently which require the most investment.
Secure by design in PC hardware
Security must also be upheld throughout the design process when it comes to PC hardware. Business leaders must opt for hardware that has been built with security at the forefront, incorporating innovative features such as unified endpoint management, by which a device can be monitored, controlled, and locked down.
Devices can also be integrated with unique privacy alert features that provide additional layers of security when working remotely, such as activating a privacy blur when an unauthorised user’s face is detected viewing the laptop screen. Added features like safe browsing, sandboxing and data encryption are all aspects which can be integrated into the core design of a laptop, helping leaders rest assured that they are doing everything to keep their company data safe.
Zero-trust architecture is also an effective way of safeguarding hardware to ensure data is only accessed by trusted users. It works by assuming that no one from inside or outside an organisation is trusted, with access to network resources layered with strict identity verification gateways. Using multi-factor authentication (MFA) is a key feature of zero-trust and helps create a more dynamic approach to security, regardless of where the end-user is operating beyond the four walls of an organisation.
When it comes to selecting PC hardware, and even servers, companies must select products and solutions that incorporate security from the outset, not as an afterthought or add-on. Implementing security from the start of the product lifecycle ensures it’s a fundamental aspect and can be enhanced or tweaked in line with product updates. Vendors can even use third parties to make sure their hardware or software is tested and approved before being incorporated into products.
Looking to the future
Business leaders have to think wisely about their computers, hardware and equipment, from personal devices to the cloud network, at every stage from start to finish. Picking the correct equipment and software protection will be more and more crucial as cyber risks get more challenging. Perhaps most important of all, the collaboration between public and private entities is crucial for cybersecurity in South Africa. Partnerships between government agencies, industry stakeholders, and academia help foster information sharing, threat intelligence, and collective efforts to address cyber threats.
Raising awareness about cybersecurity best practices is a priority. Public campaigns, workshops, and educational initiatives aim to educate individuals and organisations about potential risks, safe online behaviour, and the importance of implementing strict security measures. Businesses need to make implementing cybersecurity measures a top concern to properly protect themselves from future threats.