By Winston Ritson
Digital transformation has brought with it a massive increase in cyber activity, and attacks present a real, and present danger to people and organisations across the globe.
Add in a global crisis like COVID19, where most people ended up working from home in potentially unsecure environments, and you have the perfect storm for those who earn their living from cybercrime.
Threat actors are quick to exploit our vulnerabilities, and the middle of a pandemic — when everyone is worried and searching for information — the odds are high that the average person is less likely to realise that they’re looking at a phishing email, or that the quiz they are taking on social media to distract themselves, is actually gathering valuable intelligence that can be used at a later date to hack a personal laptop, or a bank account.
Small to medium-size businesses are at increased risk of a cyber attack
Cybercrime is becoming increasingly sophisticated and the threat is not always immediately identified. While we are becoming more aware of cybercrime and the potential damage it can do, many still think it’s something that happens to other people, or bigger organisations.
Small to medium size businesses (SMBs) are at particular risk. One might assume that it’s the bigger organisations and the financial houses that receive the most attacks, but various reports show that almost half of attacks occur on SMBs. In recent research conducted by Liquid Telecom, just over half of the South African and Kenyan businesses surveyed have experienced a cyber security threat during the COVID-19 pandemic.
There are a number of reasons why this figure is so high – including a lack of preparedness, resources, and budget, to defend themselves. Smaller businesses typically have smaller IT departments, and a smaller budget, so making that decision to allocate a large portion of it to preventing potential attacks is often a difficult one. Often in these situations, processes such as regular updates and patching, stringent access protocols, and stronger network security aren’t as prioritised as they would be in a multi-national conglomerate, for example.
The real problems come in when the attack is actually perpetrated on the SMB, in order to gain access to a much bigger organisation and potential payday. Today, many large multi-national organisations use local SMBs as part of their diverse supply chain. To create efficiencies and improved productivity, these two businesses are often linked via a particular connected services application. If the SMB isn’t properly protected, it means that the larger organisation is at risk through an effective back door.
For this reason, protecting one’s assets is no longer a nice to have, it really has become a business imperative that requires a different mindset, and toolset, and a cloud-centric security model with an interconnected and integrated architecture.
Rolling consequences of a data breach
As evidenced by multiple reports in the media, cybersecurity threats have increased during the COVID19 pandemic. “Africa is being used both as a target and as a camping ground for malicious actors out there who are using VPS hosting providers to host their attacking infrastructure and servers,” says Andrew de Lange, threat specialist at Anomali, one of Liquid Telecom’s cybersecurity partners. This has massive implications for individuals and businesses across the continent.
In a recent survey conducted by Liquid Telecom, 72 per cent of South African respondents, and 47 percent of Kenya respondents said they had experienced phishing or social engineering attacks. The majority of respondents believed that the financial impact of a breach would take a heavy toll on the business, however many noted that not enough of their IT budget was being allocated to cyber security.
There are rolling consequences to what happens from a data breach. Today, the average individual is far more tech savvy than before, and 20 percent of downloaded applications are user-led rather than IT-led, which increases the potential threat. To safeguard against this, you need to have a 360-degree view of your IT landscape, identify gaps, and monitor, and proactively manage threats. This is particularly relevant on the continent as we face very specific challenges when it comes to cybersecurity, which is why we need a solution that is built specifically for the African landscape.
Data breaches can take a huge toll on an SMB. There is the obvious financial costs of the breach, but often, businesses don’t have a full grasp of the reputational damage that occurs. The 14th Ponemon Institute Cost of a Data Breach Report released in 2019, revealed that on average it takes 228 days to identify and contain a data breach in South Africa, and that the average total cost of a breach is $2.14 million. According to the report, 39 percent of the costs of a data breach are actually incurred more than one year after the incident.
It is not just about the immediate financial costs, however damage to an organisation’s reputation can have long-lasting consequences to the businesses. Once a business has been breached, there is a massive loss of trust, on the part of all stakeholders. Customers are weary to share private information or transact financially with a company that cannot safeguard their information, and they certainly will not recommend them to others. While you can stop the attack and repair the technical environment, re-gaining lost trust and sales is a much more difficult task. At least a quarter of small businesses that have suffered a breach have ended up filing for bankruptcy.
Three steps to take to better secure your business
A good place to start for any business, but particularly SMBs is with your people. They are your first line of defence, empower them to act as a human firewall. Conduct regular training – either through your IT department or through an external consultant who can show them what potential threats look like, and how to be smarter when interacting online. Repeat the training regularly to remind them and keep cyber security top of mind. Your systems can be as secure as possible, but if your staff are inadvertently revealing passwords or information that could make guessing that password easier, then it won’t matter how advanced your technology is.
The second step is to make sure your IT department has visibility across the business, and secure staff access. Put measures like regular changing of passwords in place, disable downloads of untrusted software and applications, and ensure that your employees’ personal devices (if they are using them to access company networks) are secure as well.
Thirdly, make sure that your systems and information are secured on a regular basis. Your IT department needs to make sure that updates and patches are run regularly on machines to prevent potential back doors being accessed. The reason software companies release updates is because more often than not, they have been alerted to, or identified a potential security threat in their software and the patch is there to close that gap.
The Author is the Group Head for Cloud Services at Liquid Telecom
