Agility, meticulous alignment and testing

1 July 2020 Cyber Security

In today’s always-on, always-connected economy, businesses are under pressure to enhance their cybersecurity strategy and prove to their customers that data protection is critical to their customer engagement strategy. Furthermore, as the world economy continues to digitise operations, supply chains, business transactions, and employee and customer services, cyberattacks are expected to continue to pose one of the major threats to the world.

The World Economic Forum’s ‘Global Risks Report 2020’ (https://www.weforum.org/reports/the-global-risks-report-2020) ranks cyberattacks as the second risk of greatest concern to businesses in the coming decade. As the tools of the Darknet become more sophisticated and accessible, cyberattacks are increasingly borderless – taking advantage of jurisdictional constraints of regional authorities. In cybersecurity, new threats and vulnerabilities appear at break-neck speed, so, as new technologies create opportunities to innovate, we’re seeing more large-scale data loss and the rise of ransomware attacks – so business resiliency planning is key to survival.

Why businesses must act

Reacting in real time to a cyberattack is already too late. Managing the risk requires agility, meticulous alignment across the business and testing to maintain awareness – it’s about being proactive rather than reactive. Cyber resilience is more important than ever as medium-sized businesses assess their risk of being attacked, whether at the hands of criminals or as collateral damage in cyber warfare.


Michel Nader.

Any data loss can put the nails in the coffin for unprepared businesses. While today’s business leaders may hope to evade the hit-list, it is a matter of ‘when not if’. According to the Dell Technologies’ Institute for the Future (IFTF) ‘Realising 2030’ Study, 4600 business leaders around the world ranked security and data privacy concerns as the most pressing barrier to successful digital transformation. 51% of them admitted that they have ineffective cybersecurity measures in place while 59% believe their workforce aren’t sufficiently security savvy.

It is also interesting to note that in the Middle East specifically, the growing proliferation of IoT devices is creating massive security gaps that are enabling cyber criminals to double the number of data breaches and identity thefts every year. The reason being: as more organisations pursue digital transformation initiatives, they’re encountering new, complex risks that are expanding their attack surface. So, as IoT- and AI-enabled machines continue to be integrated into businesses, it is critical to ensure that these networked devices remain safe and secure.

Defending against catastrophic data loss

Protecting a huge portfolio of assets is not easy, especially as it expands. But every business must understand what its DNA is – that’s the critical 10-15 percent of data that must be protected at all costs. Defending a business from the worst-case scenario, mission-critical data loss, requires cybersecurity expertise and a holistic approach to resilience. Awareness needs to be built across the business – this is not just a tech problem. Synergy between technology and business processes is where true resilience is attained. Leaning on cyber experts when it comes to planning and implementation will help businesses to identify key applications, recovery times and objectives.

Every arm of the business needs to understand where its most sensitive data and services sit and the level of risk around them. To understand the level of risk an agile approach is needed, because risk changes along with the business landscape. For this reason, regular scans and analysis of the internal landscape are essential to understand these changes and the impact.

For some, this can often lead to analysis paralysis – the desire to save it all. In the same way that we would only carry our most essential belongings from a burning home, businesses must decide upon their most prized data so that it can be protected and used to recover the business in the aftermath.

The good news is, this process can be simplified by data protection and cybersecurity services that enable organisations to establish policy-driven automated workflows to move business-critical data into an isolated environment and lock it down in less than five steps. This is called a cyber vault, the ultimate protection for a business’ DNA. In the event of an attack, this data will help businesses to recover. When responding to cyber incidents and working to bring critical systems and data back online, accuracy and simplicity matter. A cyber recovery plan must be fully integrated within the business and align with its cloud strategy over the following five years.

The other way to be better prepared is to simplify the data landscape and make data available and protected from edge to core to multi-cloud, while protecting heterogeneous environments through superior risk reduction and advanced security solutions.

To conclude

The speed of innovation has opened the world to new opportunities, but has also become a Pandora’s box of risk. It’s important to remember that whatever threat trends proliferate, business leaders cannot overlook the role security and risk management play in their overall strategy. By not recognising security as a potential business inhibitor, organisations open themselves to blind spots and vulnerabilities that can cause severe financial losses and reputation risks.

Looking ahead in 2020, all businesses need to be thinking like this and not assuming that simply having the right tools in place will automatically make the organisation immune to a targeted, complex attack. The right security posture will require an adequate amount of support from the C-Suite and an investment in people and processes that help make the tools more effective. The best way to succeed in the age of digital transformation is to truly invest in cyber resilience in order to shore up the gaps in this ever-changing environment.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Work from home securely
Issue 5 2020 , Cyber Security
First Consulting provides enterprise-level IT security to working-from-home employees at more than 40 South African organisations.

Read more...
Cybersecurity comment: A holistic approach to threat vulnerability
Issue 5 2020 , Cyber Security
Any organisation, whether large or small, public or private, should follow an established framework in order to protect itself against cyber threats.

Read more...
Email security in COVID-19 times
Issue 5 2020 , Cyber Security
MJ Strydom, MD of cybersecurity specialist company, DRS, takes a look at email security in the era of COVID-19 and beyond.

Read more...
June 2020’s most wanted malware
Issue 5 2020 , Cyber Security
Check Point Research finds sharp increase in attacks using the Phorpiex Botnet delivering new ‘Avaddon’ ransomware via malspam campaigns.

Read more...
60% in SA victim to public cloud cybersecurity incidents
Issue 5 2020 , Cyber Security
Ransomware and malware, exposed data, compromised accounts, and cryptojacking to blame; GDPR shows promise with Europeans suffering least.

Read more...
Vodacom Business enhances cyber resilience
Issue 5 2020 , Cyber Security
Partnership with Cloudflare will allow Vodacom Business to offer DDoS protection and traffic acceleration for all network infrastructure — whether on-premise, cloud-hosted, or in a hybrid environment.

Read more...
Tax season often equals tax scams
Issue 5 2020 , Cyber Security
While many of us cannot wait for our refunds, this is also a time of the year when cybercriminals are waiting to attack.

Read more...
Cybersecurity comment: Cyber threats remain relentless
Issue 5 2020, CA Southern Africa , Cyber Security
Over 80% of email-based threats in Q1 2020 leverage COVID-19 in some form to feign legitimacy to the end user.

Read more...
11 essential steps to reinforce cybersecurity
Issue 5 2020 , Cyber Security
Wayne Olsen has compiled a guideline to ensure that businesses and their employees are protected while working remotely.

Read more...
Cybersecurity comment: Securing the real endpoint
Issue 5 2020 , Cyber Security
The corporate perimeter is fast becoming irrelevant, as the so-called security boundary extends to wherever an Internet connection exists.

Read more...