In an article published on Fin24.com earlier this year, it was reported that, according to a study done by global cybersecurity company Kaspersky Lab, malware attacks in South Africa had increased by 22% in the first quarter of 2019 alone.
The article went on to explain that this translated to about 13 842 attempted cyber-attacks in SA per day, or just under 577 attempted attacks per hour.
It’s clear when looking at stats like these that risk and security management within a cyber context should be two of the biggest considerations for any business today. Failure to protect your company’s computer systems from theft or other forms of malicious intent, not only causes physical damage, but can also lead to potentially irreversible reputational and financial damage.
As technologies have kept evolving, risk and security management practices have also needed to evolve along with it. Looking at where we are today, the following shifts have been the most prominent:
Passwords are becoming a thing of the past
Passwords have for many years been a bit of a soft target for hackers who have developed many strategies for gaining access to them. Passwordless authentication methods which are able to associate users to their devices in other ways, like the Touch ID technology on smartphones which makes use of fingerprint recognition, offers not only increased security but also increased usability at the same time. With these technologies there is no longer a need for a user to remember (and protect) a series of complex passwords to access systems.
Cloud security is getting a lot of attention
As more and more people are making the shift to SaaS and cloud-computing, cloud security is becoming a specialised and highly sought after skill. Companies who make use of cloud services should not be relying on the provider alone to ensure a secure solution. Cloud security is a shared responsibility, one that requires all organisations who make use of cloud solutions to invest in building up internal expertise to support it.
Use of automation, machine learning and artificial intelligence
With cyber attacks becoming more sophisticated by the day, cybersecurity is needing to leverage developments within the automation, artificial intelligence and machine learning space to proactivity monitor systems, work through mountains of log data, categorise behaviours as “good” or “bad”, and then eliminate attempted threats as they (or even before they) occur.
Cybersecurity is no longer only a concern for large corporations
With technology becoming more accessible to businesses of all sizes, it’s no longer only the large corporations who become victims of cyber attacks. Hackers rely on the fact that smaller businesses typically don’t have the same level of awareness and/or resources, and they exploit this to their advantage.
Security compliance is becoming a regulatory requirement
We’ve already seen big developments within the data protection space as data privacy and protection laws are taking shape across many countries. We predict the rise of many more prescribed security standards, by both government and security authorities. One example of this is the new point-to-point-encryption (P2PE) standard released by PCI Security Standards Council to ensure the protection of debit and credit card information. Alignment to these standards will become mandatory, creating more work for businesses to align in order to avoid penalties.
Need an outsider perspective on the adequacy of your risk and security controls? Give us a call on 021 447 5696 or email firstname.lastname@example.org. We can help identify areas of vulnerability by doing a detailed analysis of your current environment.