Cyber risks are growing all the time and attacks are becoming more sophisticated, making it difficult for companies to stay on top of things. KAGISO SETSETSE discusses the pitfalls of the Internet and how businesses can avoid cyber-attacks.
The issue of web security is not a new one. However, since our migration to the digital age, organisations are now facing rapidly changing risk landscapes at a frightening pace. Cyber risks are growing exponentially and attacks are becoming more sophisticated. From opportunistic criminals on one end of the spectrum to full-blown operation crippling attacks on the other, organisations cannot afford to ignore the wolf knocking on the door to come in.
Moreover, web security is set to become a legal requirement – not just an option. The Protection of Personal Information Act (POPI) has set the conditions for how information is processed and stored, and the consequences of any failure to adhere to the standards. This means that organisations will need to put proper IT security measures in place to ensure compliance, and web security will be highly imperative in any IT security strategy.
Protect the organisation from itself
Did you know that the organisation’s staff might be the biggest threat to its own security? Employees don’t necessarily have to be malicious to put a company at risk: they may just not understand the possible risks associated with their actions. Some of them might not understand why phishing and opening unfamiliar files is dangerous, and there is often a lack of commitment from senior management to managing information security effectively.
Research has shown that effective staff training can halve the number of insider breaches. Training ensures that employees understand the importance of information security and their role in protecting business critical information. In addition, they will be more cautious of their future interactions if they’re aware of the effects.
Know the different types of attacks
With each passing day, a new Trojan or malware virus is developed and wreaks havoc throughout organisations. Look at the chaos caused at JPMorgan – the largest US bank – by a team of Russian hackers, as a recent example of how cyber-attacks can bring organisations to a standstill. This is why it’s important to understand the critical types of cyber-attacks that exist:
How to protect your organisation
Apart from educating your staff about the dangers of cyber-attacks, the organisation will need to implement a solution that protects it from all web threats – not just an antivirus program. Essentially, you should be looking for a solution that consists of the following:
South Africa is the second most targeted country in the world for internet fraud and phishing attacks. In 2013 alone, South Africans lost over R2.2 billion to cybercrime. With such alarming statistics, isn’t it time that you prevent your business from adding to that number by beefing up its web security?
* Kagiso Setsetse is the head of ITNA.
* Follow Gadget on Twitter on @GadgetZA