While the information technology (IT) security systems available in South Africa are highly competitive, corporate spend on this aspect of business remains too low if the country is to keep up with international trends, says hacking and industrial espionage protection company Neworder Industries network security specialist Gavin Hetherington.
He notes that South African companies lack an element of maturity regarding cybercrime, preferring to deny or ignore the threat it poses rather than dealing with the issue openly.
“Cybercrime has escalated far beyond a teenage hacker in his/her garage to a global pandemic of organised crime; however, in South Africa, it is still treated as a taboo subject. Companies need to collaborate and be more open about the enormity of this threat – we are all in this together and there is power in numbers.”
Hetherington points out that international companies as large as online platform operators Yahoo, Adult Friend Finder, LinkedIn and Tumblr – to name a few – were recently breached, highlighting that any company can potentially be a target for cybercrime.
He stresses that people pose the biggest risks to any business, as they impose notorious insider challenges to security systems. He stresses that South African companies need to put better cybersecurity policies in place and invest in training and awareness to ensure that employees gain a clear understanding of what constitutes a cybersecurity risk and how to protect against it.
“South Africa has come a long way in information protection in the last three years. As a country, we are automating our procedures and using the very best in technology to stay ahead of the game. Regulations such as the Protection of Personal Information Act are ensuring that companies have proper incident and management policies in place.”
However, Hetherington warns that hackers are highly adept at breaching a company’s security through a number of avenues, including attacks through wide area networks, wireless local area networks, the Internet of Things, password hacks, missing patches and updates, improperly configured or risky software, application vulnerabilities and misconfiguration, as well as through corruption.
“Bring your own device systems – where employees are permitted to access company information and applications through personally owned devices, such as laptops, tablets and smartphones, also present opportunities for breaches. In addition, there has been a rise in the development of malicious software – or malware – which has increased the ease with which cybercriminals can access information on smartphones and tablets.”
With new regulations, procedures and policies being implemented in the financial services industry sector, financial services providers (FSPs) are particularly at risk to breaches by cybercriminals. “New infrastructure means new vulnerabilities,” says Hetherington.
This was a point well highlighted at South Africa’s first Customer Relationship Management Roadshow, which was held last month in Johannesburg by technology company Microsoft in collaboration with technology consultancy and development company Mint Group. Aimed specifically at FSPs, the main message shared at the event was that digital transformation is no longer an option but a necessity to ensure regulatory compliance, security and streamlined service delivery that enables, fosters and innovates customer centricity.
At the event, Microsoft small and mid- market solutions and partner lead Derek Kudsee highlighted the unique challenges facing FSPs regarding customer centricity and technology, stressing that “digital technology is driving massive demand for transformation in financial services and FSPs need to deliver innovative customer and employee experiences with speed and agility while managing the realities of risk, regulation legacy systems and cost pressures”.
However, in response to this increased drive for digital, Hetherington warned that when it comes to security in the financial services industry, organisations can never be too safe. “With the financial services industry being one of the most-targeted sectors for cybercrime, FSPs need to use advanced threat intelligence and detection solutions to anticipate, withstand, recover and evolve.”
Neworder Industries has been operating in South Africa for 20 years, dealing with sensitive client data ranging from digital forensics to network security issues. The company works closely with IT security experts and IT leaders to ensure all its clients have the highest standard of cyber- intelligence in the market.