Kathy Gibson reports – Organisations can be more innovative and therefore more competitive if their data is properly secured.

This is one of the conclusions from “The State of Cybersecurity in South Africa 2022” study by World Wide Worx in partnership with Dell Technologies and Intel, which looks at the cybersecurity in the enterprise.

In fact, a massive 91% of enterprises realise that cybersecurity is vital to not just keep the lights on, but to achieve business goals. “Five years ago maybe half would have said it was crucial to business strategy,” points out Arthur Goldstuck, MD of World Wide Worx.

“There has been a dramatic shift in the thinking about cybersecurity in the enterprise.”

The study found that 94% of companies believe they can achieve more of their business objectives in a more secure environment.

Significantly, 97% of enterprises say they employees are more productive if they feel their data is protected; and 98% of them believe that employees are more innovative when they know there are strong security protocols in place.

“This is the big differentiator,” says Goldstuck. “Innovation sets you apart from the competition and, if you employees are more innovative, the company is more innovative.

“So cybersecurity is at the heart of innovation, and innovation is at the heart of competitiveness.”

The study also found that a large proportion of companies use a variety of security solutions together, with VPN being the most commonly employed (98%), followed by cloud platform managed security at 86%.

Somewhat worrying, while most organisations (95%) encrypt data in transit, only 54% encrypt it at rest.

A big majority of companies are prepared for disasters, with 99% having a disaster management or backup solution in place.

The study found that a remarkable low proportion of companies have no people working remotely (7%), compared to 50% of them with up to a quarter of their workforces working remotely; 25% with up to half; 16% with up to three-quarters; 4% more than three-quarters; and 2% with all their staff working out of the office.

“We see that there is a fairly wide spread of strategies with regard to remote working,” Goldstuck comments. “Given this range of approaches, we expected to see an increase in exposure to data loss but, surprisingly, didn’t.”

Forty-five percent of organisations see somewhat more threats because of remote working; while 53% experienced no change in the amount of threats.

Asked what difficulties companies experienced with security measures, the biggest concern was that cost exceeded the budgeted forecast (51% of respondents).

Other concerns were that solutions require too much employee training (33%), they are inconvenient to manage (31%) or that companies were still left vulnerable (6%).

With remote working the study found that not just obstacles, but also vulnerabilities emerged behind the scenes, the single biggest fire missing, lost or stolen devices (55%), followed by non-company users accessing company data (35%), slow data processing speed due to end-to-end security protocols (35%), and an inability to control devices which raise exposure to malicious activity (34%).

Despite this, 87% of companies believe their data protection methods are sufficient to cope with malware and ransom threats, with 1% saying they are not, and 12% being unsure.

Forty-three percent of respondents have experienced an increase in threats of ransomware and phishing, which they mostly mitigated through the use of security software (71%) or by consulting an expert to remove it (27%).

“But no corporates paid a ransom in the case of ransomware,” Goldstuck points out.

Organistions believe that cloud-native applications pose the biggest threat to data protection when it comes to new and emerging technology (60%). This is followed by Internet of Things (IoT) (53%), blockchain (35%), edge computing (30%), machine learning (26%), artificial intelligence (24%), robotics (7%), Kubernetes containers (5%) and virtual reality/augmented reality (VR/AR) (4%).