Ryan van de Coolwijk, Product Head: Cyber at iTOO Special Risks
The outbreak of the COVID-19 pandemic in March 2020 saw an unprecedented surge in cyber threats and attacks as organisations around the globe implemented work-from-home policies, which saw a huge uptake of cloud-based collaborative tools, as well as employees accessing corporate networks and resources through company VPNs.
The acceleration of digital transformation and the abrupt nature of cloud adoption meant that many companies made this transition without proper cybersecurity preparedness, which increased their attack surface, as employees logged in through unsecured networks and home computers. The risk increases exponentially when companies have security gaps such as passwords that never expire and folders containing sensitive data open to every employee.
According to the Varonis 2021 Data Risk Report, on average, a financial services employee has access to nearly 11 million files the day they walk in the door. For large organisations, the number is double: 20 million files open to all employees.
Hence, two of the highest security priorities for IT are securely transitioning to remote work and locking down exposed data to mitigate the risks stemming from remote logins. As many organisations have discovered, digitally transforming without the proper security controls exponentially increases the risk posed by insiders, malware and ransomware attacks, while also exposing companies to possible non-compliance with regulations.
South African landscape
In South Africa, the situation is no better than in other parts of the world. The Veeam Data Protection Trends Report 2022 reveals that 86% of South African organisations suffered ransomware attacks, making cyberattacks one of the single biggest causes for downtime for the second consecutive year.
The report also found that on average, per attack, organisations were unable to recover 31% of their lost data, while 78% were unable to recover at least some of the data they had lost. At the same time, human error remains a massive risk, with 49% of local organisations reporting accidental deletion and overwriting of data or data corruption as a primary cause of IT outages.
Insurance technology with a difference.
The end-to-end insurance platform that puts your customers first.
However, securing remote working environments also proved to be a challenge in many cases, as organisations found that some of their staff stay in areas with poor connectivity, making it difficult to push security updates and patches to these users. Therefore, the past two years have seen an unprecedented drive by hackers to exploit commonly used platforms, as remote workers often used devices with access to sensitive information out in the “wild”.
The work-from-home trend has definitely also seen less awareness of security practices, with employees often letting their guard down when working remotely. As a result, attempted and successful phishing and ransomware attacks have also grown exponentially.
While South Africa’s Protection of Personal Information (POPI) Act came into force in July last year, we have yet to any fines or penalties being imposed on companies that are not compliant with the regulatory requirements of this legislation.
Enforcement of POPI Act
Encouragingly, the country’s Information Regulator announced earlier this month that has reached a significant milestone with the establishment of its Enforcement Committee. The POPI Act provides that the Enforcement Committee may make any recommendation to the Regulator necessary or incidental to any action that should be taken against a responsible party in terms of the Act or an information officer or head of a private body in terms of the Promotion of Access to Information Act. This means that it should just be a matter of time before penalties and fines are imposed for non-compliance.
At the same time, while the cybersecurity threat landscape continues to evolve in both sophistication and frequency of attacks, so does the innovation and advancement of security solutions and tools.
For example, the next generation of endpoint protection is underpinned by artificial intelligence, which can monitor all processes on the device to detect suspicious activity, or multi-factor authentication, which adds additional layers of protection to the sign-in process.
Unfortunately, this is an ongoing battle, as cybercrime has become a very lucrative business, meaning that cybercriminals will continue to create more sophisticated and targeted attacks. This means that businesses and employees constantly remain at risk.
Considering the significant risk posed by cyber threats to organisation, it has never been more vital that companies adopt a robust cybersecurity posture, by implementing a system of precautionary measures, as well as a cybersecurity-first culture to make cybersecurity a critical component of an organisation’s values and ethics.