Cyberthreats are growing at an unprecedented pace and the year ahead will be fraught with cybercrime and incidents ahead of a global election year where more than 60 countries head to the polls, including South Africa – and new threats like AI and deepfake technology making the stakes higher than ever to execute a strong cyber defence.
This is according to the latest Mimecast “The State of Email and Collaboration Security” (SOECS) report, based on an in-depth global survey of 1 100 information technology and cybersecurity professionals.
As South African consumers increasingly shop, work, and live online cybercriminals are targeting organisations more and more. Over 70% of local companies have been impacted by some form of ransomware attack over the last 12 months. This indicates that for organisations to remain secure and compliant, and protect their data they need to prioritise protecting their systems.
Additional local highlights from this year’s report include:
* Human risk is today’s biggest security gap and IT teams must better equip employees with the right tools and training. Forty percent of all local cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering. Despite this, only 22% of organisations are regularly training their employees to spot cyberattacks on an ongoing basis. The second common security gap is increasingly sophisticated attacks (33%) being deployed by cyberthreat actors. Lastly, insufficient cybersecurity budgets (30%) round off the top three threats faced by local organisations.
* IT teams are proactively stepping up their defence strategies – especially as AI presents new challenges. The emergence of AI is accelerating the spread of phishing and ransomware by making it easier for threat actors to perpetrate successful attacks. Over two-thirds of respondents are concerned about new threats posed by AI and 54% say their organisations will face AI-driven attacks in the coming year. As companies prepare for new threats they’re viewing cyber risks as a bigger business problem, not just an IT problem.
* Email remains the primary attack vector for cyberthreats like phishing, spoofing, and ransomware, but collaboration tools pose new and dangerous points of entry for bad actors. Fifty seven percent expect collaboration tools to pose new threats, and 60% believe it is likely that their company will be harmed by a collaboration tool-based attack.
“Emerging tools and technologies like AI and deepfakes, along with the proliferation of collaboration platforms, are changing the way threat actors work, but people remain the biggest barrier to protecting companies from cyberthreats,” says Marc van Zadelhoff, Mimecast CEO. “Cybersecurity and IT teams need to work with wider business leaders to prioritise understanding human risk. With the right tools and education, companies can better safeguard against threats and manage human risk.”
Brian Pinnock, vice-president of sales engineering: EMEA at Mimecast, adds: “As cyberthreats continue to evolve there are still significant and dangerous gaps in many local businesses’ defensive measures. Some of these gaps – such as human risks – remain largely unaddressed. To ensure secure and sustainable business operations in our increasingly digital-first economy it is critical that organisations have the strategic partnerships to integrate the right cybersecurity protection into their day-to-day operations.”