Cybercrime is continuously expanding, and attackers are constantly ‘improving’ their capabilities to take advantage of limited cybersecurity awareness among businesses.

By Nomthi Nelwamondo, group CIO of Assupol

The rise in cyber-attacks is mainly attributed to a combination of cyber criminals continuing to evolve their tools and techniques, as well as the way hacking groups exploit the rise in remote working driven by the Covid-19 pandemic as a means of gaining access to accounts and networks.

A recent report by KPMG suggests that African enterprises are a favourite target for cyber attackers. The cyber-security landscape across the African continent is highly dynamic and is rapidly evolving, propelled by widespread digitalisation across business sectors.

One of the main factors contributing to this is that African economies are growing at a tremendous level, and this sees many businesses adopting digitalisation. Whilst these technologies have enabled faster growth, they have also led to challenges related to cyber-security.

Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, and many other things.

Global perspective

While South Africa and the continent, in general, are sensitive to cyber threats – it is worth mentioning that cyber-security is a global issue, affecting big corporates across the world. Financial institutions, particularly banks and insurers, are becoming increasingly reliant on digital infrastructure.

Although global regulators and industry bodies are hard at work, it is unclear who is responsible for protecting the financial system (and other business sectors) against cyberattacks.

To achieve more effective protection of businesses against cyber threats, we might have to go back to basics – skills and development. A report by ISACA on the State of Cyber Security suggests that at a global level, an estimated 3-million cybersecurity job vacancies remain unfilled. This is an alarming insight, but it also presents us with a possible solution to cyber-attacks.

Financial institutions have the financial resources to combat cyber-security threats, unlike many sectors. This might look like a positive for someone who works within the financial sector, however, we have a collective problem since we share market segments. As a result, there needs to be a collective solution, or at the very least, a collective action plan.

Solution for uniquely local issues

Cyber hygiene is very crucial to combat and manage cybercrimes. It refers to a set of practices organisations and individuals perform regularly to maintain the health and security of users, devices, networks, and data.

Implementing monitoring solutions based on organisational needs and budgets can help drive effective cybersecurity programs. The positive part is that organisations are now aware of the impending threats and the risk of exposure to cyber threats. The aforementioned report by KPMG further states that to achieve robust cybersecurity, organisations must focus on holistically developing their cyber capabilities.

A planned implementation of the cyber strategy is crucial for successfully executing strategies in the face of challenges such as skill and budget shortages prevailing across Africa. Developing skills in cybersecurity and information risk can help organisations to enhance their approach to cybersecurity.

What does this mean for technological advancements?

Data encryption may be the most important solution at this stage, ensuring that even if your data is stolen, hackers wouldn’t be able to easily access it. South African laws state that consumer data should be protected at all times, and businesses should continually improve this aspect of their tech advancements.

There is also a need to improve the firewalls as they control the flow of outgoing and incoming network traffic to protect against untrusted networks and potential malicious attacks.

While there are many areas to include when it comes to improving security measures, it is also important to continuously educate both consumers and staff about cybersecurity. It is of paramount importance that they know about terms such as phishing, ransomware, and malware and play their part in preventing cyber-attacks.