Preventing cyberattacks on critical infrastructure

Issue 4 2022 Industrial (Industry), Information Security

Carlo Bolzonello.

The notion of cyberattacks seems distant from our daily lives as we go about our work, social and family lives. Cyberattacks feel like they happen to big businesses which can quickly bounce back from them after the issue is identified and fixed, just as quickly as we would bounce back from being sick, once the illness was diagnosed and treated.

Cyberattacks have the potential to disrupt our lives completely, and in instances where critical national infrastructure is attacked, they could disrupt the country’s entire economy, leading to loss of life and livelihoods.

In the last few years, we’ve already seen successfully targeted advanced cyberattacks on some of our nation’s most critical economic functions, with devastating consequences. It’s not difficult to imagine what would happen if an attack was to be directed at one of South Africa’s state-owned enterprises or other essential parts of the country’s infrastructure: the country would be crippled and the economy severely damaged.

With nearly every element of South African society – from our banks and businesses to state-owned entities and government departments among others – all making use of the speed, efficiency and convenience of digital solutions, the country’s digital infrastructure needs a holistic, integrated security ecosystem and a cloud-first approach that makes it possible for all security products to work together.

This would be possible via an extended detection and response (XDR) approach to security, that uses machine learning and automation to complement human skills to protect private and public sector environments, helping them adapt and stay agile, and able to respond to active threats through dynamic prevention policies.

By harnessing the power of machine learning and automation to unlock insights and streamline workflows, organisations can stay one step ahead of adversaries, adapt to new threats, and accelerate detection and correction through the entire defence lifecycle.

This ‘living security’ approach makes public sector and private organisations more resilient through the interconnection of a wide variety of threat sensors and capabilities, so they know their operations are protected. It is native and open, and leverages an optimal blend of expert advice, assistance, and automation so security teams are more effective and efficient when incidents happen.

While South Africa does have the Critical Infrastructure Protection Act and the Cybercrimes Act in place, the former legislates the protection of infrastructure, while the latter deals specifically with cybercrime, making it easier for investigating agencies to gather evidence of cybercrime, and to seek support from their counterparts in other countries.

The true effectiveness of this legislation is yet to be determined, however, but the time to address cybercrime is before it happens, crippling the country’s infrastructure and resources, and before it’s too late to prevent catastrophic physical and reputational damage to the structures that keep our nation alive.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Milestone Systems joins CVE programme
Milestone Systems News & Events Information Security
Milestone Systems has partnered with the Common Vulnerability and Exposures (CVE) Programme as a CVE Numbering Authority (CNA), to assist the programme to find, describe, and catalogue known cybersecurity issues.

Access & identity expectations for 2024
Technews Publishing IDEMIA ZKTeco Gallagher Salto Systems Africa Regal Distributors SA Reditron Editor's Choice Access Control & Identity Management Information Security AI & Data Analytics
What does 2024 have in store for the access and identity industry? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year.

Zero Trust and user fatigue
Access Control & Identity Management Information Security
Paul Meyer, Security Solutions Executive, iOCO OpenText, says implementing Zero Trust and enforcing it can create user fatigue, which only leads to carelessness and a couldn’t care attitude.

Passwordless, unphishable web browsers
Access Control & Identity Management Information Security
Passkey technology is proving to be an easily deployed way to bring unphishable, biometric-based security to browsers; making identification and authentication much more secure and reliable for all parties.

Practical guide to protect data privacy
Training & Education Information Security
The Data Privacy Toolkit, reflecting the evolving landscape of data privacy, includes guidelines and recommendations to safeguard sensitive information crucial for protecting sensitive information from malicious actors.