Creating a cybersecurity strategy in a world where threats never sleep

January 2024 Information Security, Infrastructure

Kabelo Makwane.

[Sponsored Content] In the last four years, we have seen a broad cultural shift when it comes to the way businesses operate in relation to technology. This shift has made way for more agile and intelligent business outcomes, but growing adoption speeds and moves towards digitalisation are far from new phenomena.

In 2013, an article posted by the Harvard Business Review commented on how technology adoption rates had increased, comparing the adoption of tablet technology with innovations like electricity and telephones. Ten years later, the rate of adoption of technology is incomparable. The rate of adoption of technologies like AI has skyrocketed to a point where 50% to 60% of all organisations use AI in some form. Even more impressively, cloud adoption among enterprise organisations, which is above 90%, and accounts for 75% of the workload in one out of five organisations.

The dialogue around these achievements in technological adoption has changed. In 2013, businesses were aiming to achieve the status of being ‘technologically enabled’, a catchphrase still used today, but simply having the technology is no longer enough. This is due to one simple yet sinister development – cybercrime. While the adoption of AI has helped improve the agility and efficiency of above-board businesses, so too has it helped improve the efficacy of cybercriminals.

Although not a new problem, cybercrime has risen alarmingly quickly to the top of the charts when it comes to business concerns. The boom of Internet of Things (IoT) technology and the chaos that surrounded the sudden shift to work-from-home models in 2020 kick-started the age of cybercrime. In that period, incidents rose by 600%, affecting every industry and showing no signs of slowing down. One report predicts the cost of cybercrime will continue to rise to $10.5 trillion dollars by 2025, up nearly 117% from $3 trillion in 2015. Today, organisations need to be more than just technologically enabled, they need to be future secure.

The biggest difference between being technologically enabled and future secure is the incorporation of the human aspect of cybersecurity. A staggering 88% of data breaches are the direct result of human error. This is compounded by poor training, with 42% of organisations listing a failure in their employee security training as one of their top three challenges. Changes in employee expectations, which have seen flexibility rise to the top of employee demands, undoubtedly play a role in this. In a recent Standford study, 50% of respondents claimed to be “very” sure they had made an error at work that could have led to security issues. Nearly 45% cite distractions as the top reason for these errors, and 57% admitted being more distracted when working from home.

As a result, organisations can no longer take the approach that cybersecurity is the responsibility of just the Chief Technology Officer and their team. Rather, a basement-to-boardroom approach to cybersecurity, which incorporates effective training, is the key to ensuring the security of your organisation.

This comprehensive approach is becoming even more important. Voice and video mimicking have recently gained popularity among malicious groups. While early AI allowed criminals to produce impressively tailored written phishing emails and text messages, this more recent advancement has even led executives to believe they are having a conversation with someone from within their organisation.

So how do organisations become future secure and ensure they are equipped to meet these changing challenges? Although a ‘human firewall’ is arguably the most important factor, organisations must be able to match the malicious groups pound for pound in terms of technology as well as use this technology in a way that serves their purpose. This is where the concept of a cybersecurity footprint is important.

Similar to a digital footprint, a cybersecurity footprint specifically refers to the information related to an individual or organisation's cybersecurity measures, practices, vulnerabilities, and defences in the digital realm. Incorporating everything from firewall configurations to encryption methods, access controls and incident response plans, a cybersecurity footprint encompasses the security protocols, software, hardware, policies, and practices in place to protect digital assets and sensitive information. It is crucial that this be analysed on a regular basis to address any vulnerabilities that may have developed and to understand the adequacy of your current measures.

Simply having this technology in place is not sufficient. Technology cannot exist in a void when it comes to cybersecurity; neither can people. It is critical that organisations implement robust and regular training programmes to keep employees up to speed on the latest threats, policies, and procedures. There is a critical need to improve the attitudes and skills of all employees around cybersecurity for any strategy to be truly effective.

To help businesses achieve this and reduce the prominence of failed cybersecurity training, Vodacom Business is asking organisations of all sizes to ‘Turn to Us’ to protect their data and equip their employees, from the basement to the boardroom, with the skills they need.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

A strong cybersecurity foundation
Milestone Systems Information Security
The data collected by cameras, connected sensors, and video management software can make a VMS an attractive target for malicious actors; therefore, being aware of the risks of an insecure video surveillance system and how to mitigate these are critical skills.

Surveillance and cybersecurity
Cathexis Technologies Information Security
Whether your business runs a security system with a handful of cameras or it is an enterprise company with thousands of cameras monitoring sites across a multinational organisation, you must pay attention to cybersecurity.

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

What are MFA fatigue attacks, and how can they be prevented?
Information Security
Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering clever ways to bypass it.

SA's cybersecurity risks to watch
Information Security
The persistent myth is that cybercrime only targets the biggest companies and economies, but cybercriminals are not bound by geography, and rapidly digitising economies lure them in large numbers.

Cyber insurance a key component in cyber defence strategies
Information Security
[Sponsored] Cyber insurance has become a key part of South African organisations’ risk reduction strategies, driven by the need for additional financial protection and contingency plans in the event of a cyber incident.

Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.