Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Protecting your business in the digital economy

Issue 8 2023 Editor's Choice

By Paul Meyer, Security Solutions Executive, iOCO.

The iconic 1987 movie The Untouchables portrays one of the main characters posing the question, ‘Who can you trust?’ The question, and the answer, delivered forcefully by the late acting legend Sean Connery, was ‘no one’. Art imitates life because as we go into 2024, this was never truer in a world of exponential cybercrime stats.

Conducting business in the digital age has never been more challenging. In the Zero Trust cyber security model, nothing is more important than proactively safeguarding enterprise data. Fortunately, many technologies exist to do just this. Zero Trust technologies must work cohesively and closely together if they are to offer complete coverage from threats. While they can be broken out individually, a true Zero Trust solution requires an intricate web of protection, arranged strategically for the enterprise’s unique needs across all attack vectors.


Paul Meyer.

Compliance nuances of industry sectors

Each industry, region and country has its own set of regulations and standards that must be followed. For example, the financial industry is a premium cybercriminal target. The Payment Card Industry Data Security Standard (PCI DSS) addresses the protection of credit cardholder data. The requirements apply to all system entities and components involved in the Cardholder Data Environment (CDE) - users, process workflows, and network or system devices that store and transmit cardholder or authentication data. There are twelve stringent mandatory requirements that must be met by the PCI DSS sector, which I will not list in detail, but these are just a few of the regulations to be aware of when conducting business in today’s digital economy.

Given the complexities of the PCI DSS, enterprises need to enlist the help of legal, information security, IT, risk, and operations teams to make sure that all the bases are covered.

The important thing to understand is that it is not only your organisation that must be compliant. Businesses working with non-compliant third parties can be liable for damages along with the original culprit company. To protect the enterprise and its customers, every third-party vendor’s privacy, risk and compliance programs must also be vetted – as painful as that might appear in terms of time and cost input, but it is essential.

Enterprise businesses need technologies that enforce governance and regulatory compliance policies from end to end, and that can be updated as new standards emerge. These technologies have been innovated to protect the enterprise before an issue arises, falling under the category of proactive zero trust technologies, including:

• Cloud workload security.

• Encryption.

• Network security.

• Policy management.

• Web-application.

• Firewalls.

In more detail

Cloud workload security technologies protect workload execution in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) environments. These solutions offer automated and layered controls to secure the configurations, network, applications and storage of hybrid cloud hypervisors and workloads.

Cloud security gateways provide visibility into how data moves to and from cloud services. It also enforces usage policies to cloud traffic and data by applying a proxy. Cloud security gateways reduce operational and investment costs while increasing business agility.

A distributed denial-of-service (DDoS) attack overwhelms a targeted system by flooding it with traffic and requests from multiple sources, making it unresponsive to its intended users. This type of cyberattack is carried out by machines or ‘bots’. DDoS mitigation solutions drop the bad traffic before it affects the end-user experience. DDoS mitigation technologies are essential for industries relying on significant revenue from e-commerce or online transactions. They ensure customer-facing sites and applications are resilient and protect revenue-generating transactions.

Email security is particularly important because of the trend to migrate from self-managed on-premises email to cloud email, such as Office 365. Email security technologies generally include anti-spam, anti-phishing, anti-malware (including ransomware), data leak prevention and encryption techniques. These solutions also monitor outbound email traffic to thwart data loss and encrypt sensitive data.

Encryption technology is essential. It is one of the most effective implementations of data security to prevent theft and protect privacy. Through a confidential key known only to the intended recipient, encryption renders data unreadable to unauthorised parties.

Endpoint security solutions protect endpoint devices like laptops, mobile phones, IoT devices and servers. This is crucial in the world of remote working. Deploying endpoint security is one of the most practical ways to enforce Zero Trust measures—including least privilege policies, user access control, and location and traffic monitoring.

Endpoint detection and response (EDR) is an important subset of endpoint security that should be implemented on all enterprise endpoints to monitor for threats. Once a threat is detected, this technology alerts the cyber security team, isolates the endpoint and remediates it, returning the IT environment to a trusted state. EDR is the last line of defence against digital theft. It focuses on uncovering and remediating issues before they escalate into more intrusive data breaches.

This approach to protecting endpoints eases the burden on the security team to track, detect and respond to threats. By alerting the team to the most relevant and critical security information first and automating manual and repetitive tasks, security teams can use their resources where they matter most.

The bottom line of cybersecurity is that complacency is very dangerous. Businesses need to protect their most valuable asset – information – and doing that means taking cybersecurity seriously and committing to continuous improvement. It means jettisoning old ways of thinking and implementing a Zero Trust infrastructure, which, it must be stated, is not just about technology deployments and introducing policies. What is needed is a paradigm shift in organisations’ approach to data protection and compliance.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...
IQ and AI
Leaderware Editor's Choice Surveillance AI & Data Analytics
Following his presentation at the Estate Security Conference in October, Craig Donald delves into the challenge of balancing human operator ‘IQ’ and AI system detection within CCTV control rooms.

Read more...
Onsite AI avoids cloud challenges
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure AI & Data Analytics
Most AI programs today depend on constant cloud connections, which can be a liability for companies operating in secure or high-risk environments. That reliance exposes sensitive data to external networks, but also creates a single point of failure if connectivity drops.

Read more...
Toxic combinations
Editor's Choice
According to Panaseer’s latest research, 70% of major breaches are caused by toxic combinations: overlapping risks that compound and amplify each other, forming a critical vulnerability to be exploited.

Read more...
Continuum launches centralised access and identity management
Editor's Choice Access Control & Identity Management Integrated Solutions Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
SMART Estate Security Conference KZN 2025
Arteco Global Africa OneSpace Technologies SMART Security Solutions Technews Publishing Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
May 2025 saw the SMART Security Solutions team heading off to Durban for our annual Estate Security Conference, once again hosted at the Mount Edgecombe Country Club.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.