Security is not a single product solution

1 February 2020 Information Security

The new decade is still in its infancy and already we have heard news of potential malware attacks on major banks in the sub-Saharan Africa region. These alleged attacks are thought to be the work of a Russian hacking group named ‘Silence’.

While it seems that South African banks have been unaffected to date, according to the South African Banking Risk Information Centre (SABRIC) this news is certainly consistent with the significant trend towards the monetisation of cyberattacks. There is real money to be made in working to breach the cyber defences of businesses, both big and small. And thus, there is no surprise that throughout 2019, organisations across all industries globally were targeted by cyberattackers.

Stefan van de Giessen.

This holds true whether we are talking about information being stolen for illegal gains, IT systems being hacked and shut down until a ransom demand is paid, or operational technology (OT) systems and critical infrastructure being damaged or shut down for geopolitical purposes. And so it is unlikely that attacks are going to slow down during 2020, says Stefan van de Giessen, general manager: Cybersecurity at value-added distributor Networks Unlimited Africa.

“No industry or organisation is immune from attack,” he clarifies, “with top targets during 2019 including governments, the financial services industry, manufacturers, retailers and consumer goods, and infrastructure providers. Based on this, we advise implementing a next-generation security solution that should include various, complementary products. It’s good practice to start securing the edge of the networks, thereafter moving to business critical services and solutions, and then covering other attack vectors such as internal segmentation.

“We recommend adopting a phased approach in order to develop a layered security posture; this assists with controlling costs as well as the complexity of management involved. So once the baseline has been established, security can then look at how to protect against unknown threats, enable the encryption of your data, and deploy decoys in your network to lure away hackers.”

According to Van de Giessen, important security issues to consider for 2020 include end point security, network visibility, deception-based technology, the rise of the managed service provider, the convergence of the IT/OT (operational technology) space, the local IT skills shortage, and the issue of compliance with regulation.

End point security: Investing in a next-gen firewall (NGFW) and antivirus (NGAV) technology with endpoint detection and response capabilities, as well as a secure email solution, is critical in securing against the most prevalent attacks.

Better network visibility: This allows you to more closely monitor network traffic for malicious behaviour and potential threats. For example, you can better detect when someone gains unauthorised access to the network, thereby allowing security measures to respond quickly. The use of user and entity behavioural analytics (UBEA), software that analyses user activity data from logs, network traffic and endpoints, and correlates this data with threat intelligence, allows you to identify activities or behaviours that are likely to indicate a malicious presence in your environment.

Deception-based technology: Van de Giessen notes that deception-based technology works hand-in-glove with better network visibility. “The solution creates a decoy setting that simulates the actual environment by deploying a decoy virtual machine into the existing network, with attractive decoys, credential lures, ransomware bait and data deceptions. This allows early and accurate detection to track lateral movement and credential theft.”

The managed service security provider (MSSP): Van de Giessen believes that the move to MSSPs is definitely a growing trend, allowing security teams to outsource the management of certain aspects of security and to solve issues such as a lack of skills or resources. He offers this warning, however: “From a compliance point of view, it is still the organisation’s responsibility to know which products are being used to protect its data. Using the services of an MSSP doesn’t relieve an organisation of responsibility for its own data.”

The convergence of the IT/OT space: The convergence of the information technology and operational technology space has become a new challenge globally in recent years. Hackers have started targeting the OT network, which previously was not necessarily linked to an IT network, to bring down critical infrastructure and manufacturing plants, for example.

The rise in the Industrial Internet of Things (IIoT) has not necessarily come with adequate and/or appropriate cybersecurity. The IIoT allows tools and machinery of all types to be connected to the Internet, bringing major benefits such as better monitoring and increased visibility, but also risks to the business that, by and large, simply did not exist a decade or so ago. A recent study by the IBM Institute for Business Value showed that industrial companies are not doing enough to protect their plants from being hacked [1].

The IT brain drain in South Africa: Says Van de Giessen, “While there are many new products available to us, we are losing too many skilled IT people who are leaving our shores. According to a report in mid-2019 [2], which surveyed 110 companies, including JSE-listed organisations as well as large multinational groups operating in Africa, the report found that ‘information and communications technology specialists and engineers remain the most difficult to recruit’. In security, there are three vectors that are important in security, namely time, product and skills, and skills are severely lacking in our markets across Africa.”

Compliance with regulation: “South Africa is behind the curve with data regulation compliance when we compare ourselves to the European Union’s General Data Protection Regulation (GDPR), which has already been in force for over a year, as well as compliance legislation in other SADEC countries and also West Africa,” says Van de Giessen.

South Africa’s Personal Protection of Information Act (PoPIA), which is similar to the EU’s GDPR, has not yet been implemented, although it was signed into law in November 2013. PoPIA will enable businesses to regulate how information is organised, stored, secured and discarded. The Act aims to protect consumers from having their money and identity stolen as well as keep their private information private. The time delay in implementing PoPIA is not helpful for businesses and for our IT systems, which will eventually need to be compliant.

Van de Giessen concludes: “Considering all of these factors, it becomes clear that security is not a single-product solution – customers need a multi-product approach so that they can defend themselves both proactively and reactively. Today’s security teams must acknowledge the threats posed by all attack vectors, and work proactively on preventing them.”

For more information, contact Networks Unlimited Africa, David Wilson, +27 11 202 8400, [email protected], www.networksunlimited.africa.

[1] https://www.ibm.com/downloads/cas/ZJRRVRKW

[2] https://citizen.co.za/news/south-africa/general/2150853/sas-brain-drain-is-picking-up-speed/




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...
SIEM rule threat coverage validation
Information Security News & Events
New AI-detection engineering assistant from Cymulate automates SIEM rule validation for SecOps and blue teams by streamlining threat detection engineering with automated testing, control integrations and enhanced detections.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.