Industry experts give their inside take and provide some insights to address the issue.
In recent years, South Africa has witnessed a disturbing trend: an alarming increase in corporate cyberattacks. Instead of lessening, the threat of cybercrime continues to grow, impacting more than half of the country’s companies in the past year alone. This surge in attacks demands urgent attention and calls for a comprehensive approach to address the issue effectively.
The targets of cybercriminals are diverse, extending beyond banks and financial institutions to encompass public services, healthcare, manufacturing, information technology, and education sectors. The methods employed by cybercriminals are equally diverse, ranging from phishing attacks and malware infections to ransomware, DDoS attacks, and insider threats. Now, a new menace emerges in the form of Business Email Compromise (BEC), where cybercriminals defraud organisations through deceptive emails appearing to originate from trusted sources.
One contributing factor to the rising number of cyberattacks in South African firms is the emergence of advanced persistent threats (APTs). These sophisticated attacks remain undetected for extended periods, targeting high-value entities such as prominent companies and government departments. APTs aim to exfiltrate information over an extended duration, compounding the risks and consequences of cybercrime.
Several factors contribute to the proliferation of cyberattacks in South Africa. Insufficient awareness of information and cybersecurity, lack of skilled personnel, inadequate controls, and poorly monitored system vulnerabilities all play a role. To effectively avert these threats, companies must prioritise the implementation of standardised cybersecurity measures.
Recognised globally, the ISO/IEC 27001:2022 and ISO/IEC 27032:2012 certifications provide essential frameworks for combating cybercrime within organisations. These standards serve multiple purposes, including raising awareness about cyber- and information security, implementing preventive and protective controls, meeting international security standards, offering training and awareness programmes, and ensuring the proactive updating of technological infrastructure.
To fully realise the benefits of standardised processes, organisations must adopt a comprehensive approach. Effective implementation, identification of gaps, and definition of corrective actions are crucial. Internal processes should also be standardised to reduce errors, waste, and risks. Frequent awareness training on implemented standards further enhances cyber resilience.
Building a cyber-resilient organisation requires a four-step process advocated by experts in the field. First and foremost, accountability for cyber risk management must rest with the highest levels of leadership within an enterprise. The board should fully comprehend the costs and consequences of a cyberattack. Second, cyber risk affects the entire organisation, necessitating a multidisciplinary and multi-level response that engages all stakeholders. Third, proactive measures must be taken to anticipate attacks rather than relying solely on reactive response teams. Incident-response training and scenario planning help identify vulnerabilities and threats. Lastly, organisations should explore risk transfer opportunities, such as cyber insurance, to protect their balance sheets. Cyber insurance provides financial support post-incident and offers pre-loss prevention and post-loss services.
By implementing these strategies, businesses in South Africa can significantly enhance their ability to respond to cyberattacks promptly and continue operations even in the face of adversity. The time for action is now, and it is imperative for organisations to prioritise cyber security and fortify their defences against the escalating risk of corporate cyberattacks.
Authors
Clark Basilwa, IT security consultant at South Africa’s World Wide Industrial and Systems Engineers (WWISE), and Kgotso Masenya, WWISE’s head of information technology
