In recent years, it has become generally accepted that cybersecurity is not only a cost centre for businesses, but also a critical contribution to their profit centres. As cyberattacks on companies have become a daily norm rather than an unusual event, the real cost lies in not investing in protection. However, it is still seen as a cost of doing business, rather than about business in its own right.
Now, however, it is becoming a core contributor to operations, according to new research released this week. The State of Cybersecurity in South Africa 2022, a study conducted by World Wide Worx for Intel and Dell Technologies, reveals that companies are almost unanimous in believing they can achieve more from their business objectives in a more secure cybersecurity environment.
No less than 94% of respondents to the survey of South Africa’s largest corporations said that a secure environment would contribute to business objectives. The proportion grew even further on the question of productivity: 97% said that employees are more productive when they think their work data is protected.
And then, the punchline: a huge 98% said employees can be more innovative when they know there is a strong security protocol in place.
Productivity is one thing – it keeps the wheels turning. Innovation is a different beast altogether: it allows a company to grow, thrive, and keep up with competitors, or outdo them. It has become the heartbeat of the organisation.
Typically, when research shows such unanimity to a series of key questions, it suggests a homogenous sample frame, meaning that most respondents have similar profiles or propensities, weakening the research as a decision-making tool. However, these were among only a handful of responses that indicated a common stance.
For example, 52% of respondents said that the costs of cybersecurity had exceeded budgeted amounts, while 44% saw an increase in cyberthreats due to remote working. These numbers have two implications, with the first being about the research itself: confirming that the corporate South Africa is anything but homogenous.
The second, however, is that large corporations underestimate the cost of protection, especially in an era in which remote working has become the norm, exposing data that is being produced in people’s homes rather than at the office.
The survey found that nearly two-thirds (68%) of South Africa’s top 100 corporations are investing more in cybersecurity than the industry average, but more than three quarters don’t feel fully protected by their current cybersecurity strategy. They cite Inability to control user devices, non-company users accessing company data, slow data processing speed due to end-to-end security protocols, and missing, lost or stolen devices.
The research aligns closely with Dell’s 2021 Global Data Protection Index, which included South Africa. It found that 72% of respondents were concerned that their existing data protection measures may not be sufficient to cope with malware and ransomware threats, while 68% agreed they have increased exposure to data loss from cyber threats with the growth of employees working from home.
“The solution does go beyond hardware protection,” says Khairy Ammar, services sales director of Dell Technologies Africa. “As new threats and vulnerabilities appear at break-neck speed, new technology also creates opportunities to innovate. As we navigate the changing landscape of work, it is imperative to deliver solutions that keep you and your employees safe.”
The new South African research shows that many “cyber hygiene” factors are implemented by corporations, with the majority using virtual private networks for access control, and managed security via cloud platform. These features show that corporations are aware of advanced methods of protecting themselves.
The challenge is not only the number of new threats, however, but also the fact that they appear from anywhere, and via any platform or device. For that reason, says Ammar, “endpoints” must be secure from anywhere. The answer is not in one solution, but in a procedure.
“You need intelligent solutions that prevent, detect and respond to threats wherever they occur. A procedural measure like taking on a certified cybersecurity partner to manage these services is often the best protection for corporations.”
* Goldstuck is founder of World Wide Worx and editor-in-chief of Gadget.co.za. Follow him on Twitter on @art2gee. He was principal analyst on the State of Cybersecurity research project