Connect with us

Featured

What coronavirus teaches us about cybersecurity

There are startling parallels between cybersecurity issues and the massive challenges we are currently facing with the virus pandemic, writes BRIAN PINNOCK OF Mimecast

Published

on

The World Health Organisation and governments around the world are grappling with the Coronavirus (now named Covid-19) that has, as of end-February, infected more than 110 000 people in over 100 countries. Predictions are that it could cause in excess of $1 trillion of economic damage.

In 2017 the NotPetya virus became a global cyber-pandemic that spread around the world in a few short hours, paralysing organisations, crippling shipping ports and shutting down government agencies globally. It caused over $10Bn in damages.

One reason for the seismic disruptions caused by both medical and cyber pathogens is the interconnectedness of the global economy. Supply chains now span multiple continents. Air travel passenger volumes have doubled. Disruption in China is leading to disruption everywhere.

Similarly, digital supply chains span continents and cloud computing has become ubiquitous, leading to a digital interconnected web which is fragile and can be easily broken.

The coronavirus has brought into stark relief some elements of basic human nature that come into play in both a health crisis and a cybersecurity incident.

A deeper look shows striking similarities between the human responses to the coronavirus outbreak and cybersecurity incidents.

Risky behaviour exposes everyone

Reports suggest that the coronavirus originated from animals such as bats, pangolins or civets. Cross species transfer possibly occurred in a market in Wuhan. Researchers found that the tolerated risky behaviour of consuming exotic animal parts triggered a single introduction into humans, which was followed by human-to-human spread. Similarly, employees engaging in tolerated risky behaviour, such as visiting adult or dark web sites or downloading files from non-work-related portals, can let malware into the organisation that spreads from one user to another.

Transparency is critical

Too often, keeping silent exacerbates the situation and puts business communities at risk. China has received some backlash, with reports emerging that the Chinese government at first played down the risk of outbreak and later the extent of the problem. Transparency is a major contributor to effectively managing the potential fallout from a viral disease. Even today, we are unsure of the extent of the coronavirus outbreak.

Similarly, by the time senior management are made aware of a serious cyber incident, the infection has usually been incubating and spreading in an organisation for weeks or sometimes months. The organisation can become the source of further infection via their own email systems. Coverups mostly don’t work and hide the extent of the problem to the wider community which leads to misinformed complacency about risks.

Many organisations don’t share threat intelligence effectively or at all. Cybercriminals therefore employ the same attack method repeatedly against multiple organisations because it keeps working. We enable criminals by staying silent and ineffectually sharing the symptoms and preventative measures of the cyber disease.

The importance of basic (security) hygiene

Demand for face masks is surging. But face masks aren’t as effective as most people think. Unfortunately, people are drawn to visible controls rather than invisible ones. But medical authorities suggest that basic practices, like regular handwashing, are more effective at preventing the spread of the virus.

The equivalent in cybersecurity is focusing on basic controls first. Have effective and regular patch management practices, implement controls to detect and prevent the spread of malware, adopt regular employee awareness training to equip people with the appropriate knowledge to avoid risky behaviour. It is mostly invisible, but it is a critical layer in the defence against cybercrime.

Herd Immunity and Misinformed Complacency

Organisations who can’t or won’t patch and protect their systems or train their people are the equivalent of the those who won’t or can’t vaccinate their families. An expectation of herd immunity is often misplaced both when it comes to human health and for cybersecurity.

In the UK an auditor general report on NHS disruptions caused by the WannaCry virus, showed they all had unpatched or unsupported operating systems. In addition, other security controls would have prevented the rapid spread and subsequent deaths and fiscal costs. But they were incorrectly configured which allowed the virus to spread.

We can never prevent all infections and we can never anticipate every eventuality. Diseases will continue to jump the species barrier and zero-day malware will continue to appear. What we can do however is become more transparent, be more community focused and make ourselves more resilient. If not, we remain exposed to a “Disease-X” – either in the medical or cyber domains – with no known treatments or vaccines and at the risk of devastating economic and human losses.

Featured

How retailers must respond to life under lockdown

Published

on

As businesses settle into lockdown, South Africa’s largest second-hand retailer, Cash Crusaders offer other retail businesses – that have also been forced to close, some advice and recommendations on preparing for, and managing through the lockdown. The group that have been operating for over 20 years with over 220 stores nationwide, also offer advice on considerations retail store owners – and other businesses, should make as the country makes their COVID-19 economic recovery.

Follow the rules

Ensure that you follow the rules set out by our President for the lockdown. As bitter as this pill may be to swallow, the longer-term benefits for our country and our businesses far outweigh the frustration and anxiety you may be feeling now. This is not a time to break the rules. #StayAtHome. It is a time to practice human responsibility, not complain about Human Rights being compromised. Countries who initially implemented loosely managed lockdowns, have had to extend to get the pandemic under control, so strict rules from the get-go will prevail in the fight against the virus. 

Secure your stores

By now you should’ve secured your valuable goods and should have ensured all your security systems are in good working order. If you haven’t already, make sure your security companies have your correct contact information. Make sure your necessary insurance cover is up to date.

Keep your staff informed

They are and continue to be your most important asset!

By now, you may have needed to investigate UIF benefits to compensate for your employees loss of income. The Minister of Employment and Labour, T.W Nxesi has recently announced measures that the Department will put in place under the current special circumstance relating to the Corona virus (COVID-19) and its impact on UIF contributors.

The Temporary Employee/Employer Relief Scheme (TERS) has been set up under the auspices of the Unemployment Insurance Fund (UIF). Employers apply for the TERS on behalf of its employees. 

The TERS has two distinct advantages over UIF 

  • All employees qualify for up to 3 months of benefits, irrespective of how long they have contributed to the UIF and 
  • TERS will not pay any employee less than the minimum wage.

You can benefit from the TERS by sending an email to covid19ters@labour.gov.za. Applicants will then receive an automated response which outlines the steps you will need to take, as well as the details surrounding them – including the requirements to claim benefits. During the lockdown period, the Department of Labour will not accept manual applications (to reduce physical contact and risk of the virus spreading), this is to reduce contact between people to curtail the spread of the pandemic. A hotline number has been created by the UIF (012-337 1997) for Covid–19 TERS Benefit enquiries during the lockdown period. 

Be sure to be calm when addressing any concerns with your team – they are anxious and nervous of what the eventuality of this outbreak may be.

Communicate with your bank

Make sure you’ve been in touch with your bank (as they are still operational) and discuss any loan repayment relief or postponement over the lockdown period (the banks have termed this a “payment holiday”). Work with them on a cash flow plan as once the lockdown has lifted, trading businesses will need liquid cash.

Contact your landlord

Ensure you’ve connected with your landlord to discuss and agree on any possible repayment or rent relief/payment holiday they may be able to offer you. Keep the channels of communications open with your landlord and bank – rather over-communicate than not communicate enough.

Keep communication open with your customers

The country may be on shutdown, but the internet isn’t. Communicate with your teams and customers by whatever necessary and relevant communication channels you have available to you – website, social media, PR/Marketing teams, newsletter dissemination etc.

Use this time wisely

Amidst all the chaos this time brings, there is also a silver lining. We all have time at this stage, but how many of us make valuable use of that time? Particularly when it comes to family.  Business is demanding most times so with a forced shutdown of business it give you the time to spend with your family, catch up on outdated maintenance around the house and a period of rest. This lockdown period will also afford you uninterrupted strategy time. Take the time to reflect on areas of your business you can improve or evolve. Strategise ways to do things better or differently. Use the resource available via your own business network as well as the countless online content that is available, to work on a plan for the way forward. Consider your financial, loan and other business administration processes you have in place and look at new ways to optimise the channels and areas you’re working with or within. A host of online learning facilities offer short courses – perhaps consider upskilling yourself or members of your team by signing up for one of these too.

“These are some of the steps we’ve taken within our own organisation,” says Sean Stegmann, CEO of Cash Crusaders. “Having been in this business for as long as we have has afforded us the wealth of experience we’re able to share with our franchisees and other retail business owners to help navigate the next few weeks and recovery period,” he says. “Take it one day at a time and know that the decisions we’re being forced to make today will mean a future for us tomorrow, both in business and in health!,” he concludes

Continue Reading

Featured

Vodacom cuts cost of smallest bundle by 40%

The country’s largest mobile operator has kept to a promise made last month to slash the price of entry-level data packages

Published

on

Vodacom has cut the data price of its lowest-cost bundle by 40%, reducing the price of a 50MB 30-day bundle from R20 to to R12. This follows from the operator’s promise in March, when it announced a 33% cut in the cost of 1GB bundles, to reduce prices of all smaller bundles by up to 40%.

Vodacom’s various 30-day data bundle prices will be cut across all of its channels, with the new pricing as follows:

30-day bundle size New Price Reduction
50MB R12 40%
150MB R29 33%
325MB R55 33%
500MB R79 21%
1GB R99 34%
3GB R229 23%
5GB R349 14%
10GB R469 22%
20GB R699 31%

Vodacom confirmed it will provide free data to access essential services through Vodacom’s zero-rated platform ConnectU with immediate effect. The value of these initiatives, it says, is R2.7-billion over the next year.

“Vodacom can play a critical role in supporting society during this challenging time and we’re committed to doing whatever we can to help customers stay connected,” says Jorge Mendes, Chief Officer of Vodacom’s Consumer Business Unit. “Since we started our pricing transformation strategy three years ago, our customers have benefitted from significant reductions in data prices and the cost of voice calls. Over the same period, we invested over R26 billion in infrastructure and new technologies, so our customers enjoy wider 2G, 3G and 4G coverage and vastly increased data speeds.”

The latest data reductions will complement the discounted bundle offers that will also be made available to prepaid customers in more than 2,000 less affluent suburbs and villages around the country. For qualifying communities to access further discounted voice and data deals, they need to click on the scrolling ConnectU banner on the platform via connectu.vodacom.co.za

ConnectU – which is a zero-rated platform – also went live this week. It will provide content aimed at social development and offers a variety of essential services for free. Learners and students enrolled in schools and universities can access relevant information for free, with no data costs. The ConnectU portal includes a search engine linked to open sources such as Wikipedia and Wiktionary as well as free access to job portals; free educational content on the e-School platform; free health and wellness information and free access to Facebook Flex, the low data alternative to Facebook that enables customers to stay socially connected.

Vodacom’s popular Just4You platform has been a significant contributor to the approximately 50% reduction in effective data prices over the past two years. Substantial cuts in out-of-bundle tariffs and the introduction of hourly, daily and weekly bundles with much lower effective prices have also driven increased value and affordability, resulting in R2-billion in savings for customers in 2019.

Continue Reading

Trending

Copyright © 2020 World Wide Worx