Corporations protected, but not secure

Issue 3 2022 News & Events, Information Security, Security Services & Risk Management

Just how secure is your corporation? Nearly three quarters of South Africa’s top 100 corporates are investing more in cybersecurity than the industry average, but an almost equal proportion don’t feel fully protected by their current cybersecurity strategy.

The State of Cybersecurity in South Africa, a study conducted by World Wide Worx on behalf of Intel and Dell Technologies South Africa, reveals that half of South African large businesses are over budget on cybersecurity spend and just over half feel there are now more threats introduced by remote work culture.

“Corporations being over-budget on cybersecurity spend may look like a positive sign, but it also raises the likelihood that the budgets were too low to begin,” says World Wide Worx CEO Arthur Goldstuck, principal analyst on the research project. “In the game of cybercrime cat-and-mouse, one could argue there is no such thing as being over-resourced. However, under-resourcing not only exposes companies to risk, but also poses an existential threat. A major breach can bring down a company. Budgets must catch up to the significance of the threat.”

Challenges range from these macro threats all the way down to individual losses. With the pandemic and lockdowns having sent corporate employees home, 55% of IT decision makers are concerned about their staff losing their devices. And it’s not only about the physical loss and immediate cost of replacement.

Khairy Ammar, services sales director for Emerging Africa and South Africa at Dell Technologies, says: “As new threats and vulnerabilities appear at break-neck speed, new technology also creates opportunities to innovate. As we navigate the changing landscape of work, it is imperative to deliver solutions that keep the organisations and their employees safe. With breaches now happening both above and below the OS, organisations need to keep endpoints secure from anywhere.

“You need intelligent solutions that prevent, detect and respond to threats wherever they occur. A procedural measure like taking on a certified cybersecurity partner to manage these services is often the best protection for corporates.”

A finding that will provide the business world with greater confidence is that three quarters of large corporations (77%) report their devices are upgraded frequently and support both Secure Boot and Trusted Protection Modules – which helps mitigate physical access vulnerabilities. Many cyber hygiene factors are implemented by corporates, with the majority using VPN access control and cloud platform managed security. These factors being implemented show that corporates are aware of advanced methods of protecting themselves.

The vast majority (99%) of corporates are aware that disaster management is essential. This figure must, however, be seen in the context of only 40% of large businesses using multiple solutions to protect, backup and replicate their data in the event of disaster. That said, most respondents (99%) had not experienced cyberattacks that led to financial loss.

The 1% that experienced loss after a data leak provide a useful case study of security stances after an attack: these businesses had their systems compromised before the onset of remote working, indicating that no matter how a corporate geographically locates its employees, it remains vulnerable.

Compromises and vulnerabilities are revealed through the weakest link in the IT system, which is often an organisation’s own employees and this may allow in ransomware programs or phishing attempts. More than half of businesses report that ransomware and phishing attempts have increased in the past year, or that they simply can’t keep up with the numbers of attempts.

Bryan Turner, World Wide Worx senior data analyst, says awareness and action are key: “Training employees to work safely but spotting out-of-character emails and communications can save a company from all the phishing headaches involved with cybersecurity incidents.”




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...
Boost revenue streams for MNOS
News & Events Security Services & Risk Management Financial (Industry)
ReveNet has introduced its new solution, designed to safeguard and potentially boost revenue streams in an increasingly challenging landscape for MNOS. The new platform combines advanced analytics and is built on trust, transparency, and sustainability principles.

Read more...
Here’s to a SMART 2025
SMART Security Solutions Editor's Choice News & Events
This is the final news brief from SMART Security Solutions for 2024, and the teams would like to take this opportunity to thank our readers, advertisers and partners and wish everyone a safe and secure festive season.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
South African SMBs chart growth amid economic uncertainties
News & Events
Survey shows that business confidence among South African SMBs remains strong at 78%, but opportunities abound to boost productivity and accelerate digital transformation. Additionally, AI adoption has gained traction, with two-thirds of South African SMBs investing in AI over the past year.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
ONVIF launches new online learning initiative
Training & Education Surveillance News & Events
ONVIF has released the first course in a new online learning initiative designed to promote greater knowledge and understanding of ONVIF's workings. The first “Introduction to ONVIF” course is now available.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
Gallagher Security opens Cape Town office
Gallagher News & Events Access Control & Identity Management
Acknowledging a significant period of growth for the company in South Africa, opening a second office will enable Gallagher to increase its presence across the region with staff based in Johannesburg and Cape Town.

Read more...