Surviving cybersecurity challenges

May 2018 Editor's Choice, Information Security

The business landscape is being reshaped by the process of digital transformation, which affects every sector, industry and organisations of all sizes. While this process is enabling companies to strategically employ technology to capitalise on new business opportunities, become more efficient, and empower their staff to be more productive, it is also creating new threats to businesses in the form of cybersecurity risks.

According to the Allianz Risk Barometer Report 2017, which identifies the most prominent threats for businesses, 38% of respondents listed cyber incidents as a top threat for South African businesses. This is not surprising, since South Africa has the third highest number of cybercrime victims worldwide according to the report. Moreover, the country is experiencing more cyber-attacks compared to its counterparts on the African continent.

Another risk factor for businesses is the potential chaos that so-called ‘cyber hurricane’ events could unleash. During this type of attack, which is predicted to increase in frequency this year, hackers disrupt larger numbers of companies through targeting of their common infrastructure dependencies.

Companies with strong, hardened network paired with policies, processes, and people all proactively monitoring and responding to cyber threats and aligned with your organisation’s stated cybersecurity goals, will be in great shape to avoid these cyber perils.

Businesses that don’t have this in place need to consider taking the proper measures to avoid undergoing a cybersecurity crisis, as a network with poorly implemented security is very attractive to hackers and in many cases will lead to an accelerated spreading of viruses, malware and other cyber threats.

The Axis Communications approach

To assist with this, Axis Communications recommends a novel approach to cybersecurity. It involves organisations placing independent firewalls around small clusters of servers or userless computers in addition to the firewall around their entire network. In this way, if someone breaks into one cluster of servers, they will not be able to move laterally to access the entire network.

Additional steps may help you counter cybersecurity threats. The first of these is assessing security and evaluating the trustworthiness of users and devices is also important. As cybersecurity is becoming more dynamic, businesses are increasingly assessing security based on circumstantial factors. Depending on where you are, for example, your computer can be considered more or less at risk.

Trustworthiness varies with time and depends on what we know about the device and the user. For example, if the device does not have the latest patches, its trust decreases. If the user exhibits strange behaviour, such as logging in from London and then from Melbourne within a physically impossible timespan, their trust drops. If the trustworthiness of your devices declines, you will have access to fewer resources. Trust can be lost quickly and is often regained slowly.

To aid in this risk assessment process, resources are ranked in relation to the level of trust they require for someone to access them. In some cases, proprietary or sensitive resources require greater trust while, in other cases, how integrated these resources are with the entire network may require more trust. Furthermore, untrustworthy devices are now being isolated with micro-firewalls. Untrustworthy devices include those that were made by countries whose government are considered to be geo-strategic rivals of liberal democracies.

The next step is to establish networks of trust. Security is all about building a network of trust. When it comes to putting devices on your network, each organisation must ask serious questions about whether or not the manufacturer and the business installing the device are trustworthy.

A good analogy to illustrate this is boarding an aeroplane. When security asks if you packed your bag yourself, the best answer is: “Yes, I packed my bag myself.” A not-so-good answer is: “Actually, it was my spouse who packed my bag.” In this case, the rest of us have to hope that your spouse loves you. But the really bad answer is: “No, my neighbour who is on the federal watch list packed my bag.”

It’s the same thing when someone wants to put a device on your network. You should ask: “Did you write the software yourself?” Generally speaking, the answer is: “No.” Then, you ask whether you know the person or people who wrote the software for this device. And, if the answer is “yes,” and it was written by a military/government agency of a geo-strategic rival of your government, then you should think twice about putting the device on your network.

Security is everyone’s responsibility. The goal of a company should be to not only implement security strategies for themselves, but to be cognisant of the “bono pastore” (meaning good shepherd) principle: We must protect the network.

For more information contact Axis Communications, +27 (0)11 548 6780, [email protected], www.axis.com



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Local-first data security is South Africa's new digital fortress
Infrastructure Information Security
With many global conversations taking place about data security and privacy, a distinct and powerful message is emerging from South Africa: the critical importance of a 'local first' approach to data security.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
SMART Estate Security Conference KZN 2025
Arteco Global Africa OneSpace Technologies SMART Security Solutions Technews Publishing Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
May 2025 saw the SMART Security Solutions team heading off to Durban for our annual Estate Security Conference, once again hosted at the Mount Edgecombe Country Club.

Read more...
Data resilience at VeeamON
Technews Publishing SMART Security Solutions Infrastructure Information Security
SMART Security Solutions attended the VeeamON Tour in Johannesburg in August to learn more about data resilience and Veeam’s initiatives to enhance data protection, both on-site and in the cloud.

Read more...
Get the AI fundamentals right
Leaderware Editor's Choice Surveillance AI & Data Analytics
Much of the marketing for CCTV AI detection implies the client can just drop the AI into their existing systems and operations, and they will be detecting all criminals and be far more efficient when doing it.

Read more...
SMART Surveillance Conference in Johannesburg
Arteco Global Africa Technews Publishing SMART Security Solutions Axis Communications SA neaMetrics Editor's Choice Surveillance Security Services & Risk Management Logistics (Industry) AI & Data Analytics
SMART Security Solutions hosted its annual SMART Surveillance Conference in Johannesburg in July, welcoming several guests, sponsors, and speakers for an informative and enjoyable day examining the evolution of the surveillance market.

Read more...
Secure data protection without hardware lock-in
Infrastructure Information Security News & Events
New Veeam Software Appliance empowers IT teams to achieve instant protection with Veeam’s fully preconfigured, software-only appliance, delivering enterprise-ready simplified deployment and operational efficiency, robust cyber resilience.

Read more...
South African fire standards in a nutshell
Fire & Safety Editor's Choice Training & Education
The importance of compliant fire detection systems and proper fire protection cannot be overstated, especially for businesses. Statistics reveal that 44% of businesses fail to reopen after a fire.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.