SA industrial facilities at risk of cyber attacks

July 2019 Industrial (Industry), Information Security

With international analysts warning of a growing risk of cyber war, sabotage and espionage impacting industrial and mining facilities, South African stakeholders must step up their efforts to mitigate risk. This is according to GECI, an international tactical cybersecurity specialist now launching its portfolio of cybersecurity solutions in South Africa. After Europe, GECI has chosen to expand its platform of innovative solutions in Africa, starting with South Africa where the need is clearly identified.

Cyber-attacks have escalated beyond theft of data and ransomware attacks, to attacks specifically designed to shut down critical infrastructure, manipulate markets and even cripple entire countries, says South African GECI representative, Mike Bergen.

Citing attacks on major enterprises, power plants and nuclear facilities, Bergen says the increasing connectedness of industrial plants is putting them at greater risk of attack.

Thuli Mgwebile and Mike Bergen
Thuli Mgwebile and Mike Bergen

However, Thuli Mgwebile, business development agent at GECI South Africa and MD of local GECI partner, Sinac Group, says early discussions with local infrastructure stakeholders indicate that their focus on cybersecurity is inadequate. “For example, we see local industrial players saying their own risk assessment exercises have found a huge amount of data leakage taking place,” she says.

This, coupled with inadequate access controls at plants, presents significant vulnerabilities which could be misused to devastating effect. In many industrial environments, IT and operations are still run in siloes, Bergen says, with cybersecurity a focus in the enterprise’s administration and data centres and little focus on cybersecurity in plant operations. “In many companies, Information Technology (IT) and Operational Technology (OT) are two domains – engineers in the plants manage their own systems and equipment, and they consider themselves separate from IT. Not all OT specialists are as aware as IT professionals are of the importance of cybersecurity.”

“Industrial facilities have done a lot to protect themselves from catastrophes, but not enough to protect themselves from cyber-attacks,” says Mgwebile. She sees cyber-attack as a key risk area for resilient industrial systems and will therefore contribute to promote GECI solutions.

GECI has provided global solutions to manufacturers and consumers in the fields of aerospace, transportation, energy, petrochemicals, infrastructure, IT and telecommunications for over 40 years. The group has evolved to focus on digital technologies and has branched into industrial IT/OT cybersecurity on the back of several acquisitions and partnerships, including one with Israeli cybersecurity start-up ODI-X, which specialises in disarmament and reconstruction technologies (CDR-content disarmament and rebuilding).

GECI’s portfolio also includes BitDAm, an innovative cybersecurity company that delivers the highest detection rates of advanced attacks within the communication stream, CyberX industrial control system (ICS) deployed across over 1 200 production networks worldwide, and TripleCyber remote monitoring and analysis services.

For more information contact GECI, [email protected], www.geci.net





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Read more...
Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...
AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Read more...
Milestone Systems joins CVE programme
Milestone Systems News & Events Information Security
Milestone Systems has partnered with the Common Vulnerability and Exposures (CVE) Programme as a CVE Numbering Authority (CNA), to assist the programme to find, describe, and catalogue known cybersecurity issues.

Read more...
Access & identity expectations for 2024
Technews Publishing IDEMIA ZKTeco Gallagher Salto Systems Africa Regal Distributors SA Reditron Editor's Choice Access Control & Identity Management Information Security AI & Data Analytics
What does 2024 have in store for the access and identity industry? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year.

Read more...
Zero Trust and user fatigue
Access Control & Identity Management Information Security
Paul Meyer, Security Solutions Executive, iOCO OpenText, says implementing Zero Trust and enforcing it can create user fatigue, which only leads to carelessness and a couldn’t care attitude.

Read more...
Passwordless, unphishable web browsers
Access Control & Identity Management Information Security
Passkey technology is proving to be an easily deployed way to bring unphishable, biometric-based security to browsers; making identification and authentication much more secure and reliable for all parties.

Read more...
Practical guide to protect data privacy
Training & Education Information Security
The Data Privacy Toolkit, reflecting the evolving landscape of data privacy, includes guidelines and recommendations to safeguard sensitive information crucial for protecting sensitive information from malicious actors.

Read more...