Where does SA logistics stand as far as cybersecurity is concerned?

Issue 8 2022 Logistics (Industry), Security Services & Risk Management

South Africa’s logistics industry is battling a war on many fronts. Bad weather, equipment breakdowns and shortages and congestion continue to hamper the country’s ports, adding days to the supply chain and creating havoc downstream.

The conflict in Ukraine and the weakness of the rand are exacerbating the situation, with inflation skyrocketing to the detriment of consumers.

In addition, South Africa is now firmly in the cross hairs of cyber criminals. Antivirus provider Kaspersky’s research shows that ransomware attacks in South Africa doubled between January and April 2022 compared to the same period last year.

The 2021 cyberattack on Transnet was especially damaging, impacting ports, harbours and pipelines to the point that the state enterprise was forced to declare force majeure at several container terminals.

Lesiba Sebola, director of information technology at Bidvest International Logistics (BIL), says it is paramount to safeguard IT infrastructure given how central it has become to operations.

“The bottom line is the financial losses incurred. Transnet, not being able to operate their ports affects us, and obviously, if there are attacks in our own environment that necessitates downtime of the infrastructure, it would be difficult to conduct business.”

Sebola says the most prevalent form of attack is phishing, which seeks to get information from users. “You need a multifaceted approach to protecting your information. We have perimeter security, which involves firewalls, and with operating systems there is always updates you need to do, whether it is an operating system update or security update, to eliminate vulnerabilities the providers have identified.”

However, Sebola stresses that the most important aspect of cyber security is user awareness. “The majority of successful attacks happen here. If your users are not aware, it is like taking a key to your house and throwing it over the security fence for attackers to use.”

“At BIL, we have an online program where staff can learn about security and the different types of attacks: e-mail impersonations, for example. If they spot an e-mail that looks a bit suspicious, we have a special process they follow to alert us so that we can investigate. This forms part of our induction process and occurs on a quarterly basis.”

Like Sebola, Craig Rosewarne, MD of cyber security company Wolfpack Information Risk, believes everyone is at risk of cyberattacks. “You could be an individual, a non-profit, a small charity, it does not matter. The hacker does not care where the money comes from.”

“The harsh reality is that attacks cannot be prevented, but organisations can defend against them, provided they recognise the complexity of digital crimes and tackle them accordingly.”

For Sebola, this means continuously monitoring networks to establish any irregular patterns. “You have to have an incident response plan in place, but you also cannot have a prescriptive one that is generic. This plan will tell you who needs to be involved, who the contact people are, and not just from IT. You need to establish who is involved from legal, operations and the communications side, because there are various aspects that you want to consider.”

“When you have cyber insurance, part of the requirement is that you inform them of any breaches. It is important to keep logs from the IT side. Make sure you contain the attack so that you can preserve the evidence. This is important in terms of the analysis later on to prevent such a breach from happening again.”

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Three new portable power stations to ease load shedding
News Security Services & Risk Management Products
EcoFlow has launched three portable power stations that provide sufficient power for consumers wherever they are; the DELTA 2 and RIVER 2 Series are feature-filled power solutions to the volatile electricity supply.

You cannot bribe a computer
Access Control & Identity Management Security Services & Risk Management
Corruption is a cancer that destroys the prospects and stability of countries and businesses. It widens wealth gaps and punishes the poor. It costs countries many billions in lost revenue.

How much protection does cyber insurance really give businesses?
Cyber Security Security Services & Risk Management
If organisations don’t meet even the minimum requirements of security and data protection, insurance will do them little good. Instead, it needs to be just one part of the digital resiliency toolbox.

Off-grid power solution for residential estate
Editor's Choice Security Services & Risk Management Residential Estate (Industry) Products
Coral Beach Estate, an upmarket residential estate based in East London, has been struggling with load shedding and power outages due to South Africa's energy crisis, as well as the vandalism of its power infrastructure.

SafeCity Guarding rolls out across 14 suburbs in Johannesburg
News Security Services & Risk Management
In a major drive to provide communities across Johannesburg with additional safety, Vumacam, in partnership with Fidelity ADT and other security providers across the region, rolled out the innovative SafeCity Guarding initiative in 14 suburbs.

FleetDomain underpins Afrirent’s value proposition
Logistics (Industry) Security Services & Risk Management
Afrirent, a 100% female black-owned fleet management company, has been relying on FleetDomain software for a number of years to help it deliver outstanding service to a growing number of clients.

Keeping students, staff and communities safe
Vumacam News CCTV, Surveillance & Remote Monitoring Security Services & Risk Management
South African schools are facing increasing security challenges, making effective surveillance systems more important than ever. To address this issue, Vumacam is offering advanced security solutions with security partners, aimed at keeping students, staff, and the community safe.

Technology is key to securing physical and cybersecurity
Education (Industry) Security Services & Risk Management
The interpretation of security in educational institutions depends on whom you are talking to and whether their focus is on the physical security of the institution, its assets and its people, or its information and communication technology perspective.

Recession? Do not skimp on cybersecurity
Cyber Security Security Services & Risk Management
While economists are studying their crystal balls, businesses have to prepare for the worst, and preparing for a recession means cutting costs and refocusing resources; however, they must ensure they do not end up creating an enormous risk.

How to avoid a wipeout
Arcserve Southern Africa IT infrastructure Security Services & Risk Management
Wiper malware aims to delete your data permanently and cause as much destruction as possible. Byron Horn-Botha, Business Unit Head at Arcserve Southern Africa offers readers three steps to protect the organisation from these malicious applications.