“At a time in which African countries, and South Africa in particular, are embracing digital transformation, SMBs needs to invest extensively in improving the safety and security of cyberspace to safeguard their business. Software-as-a-service security solutions offer a safe, secure way to protect an organisation's digital resources in a way that individual organisations simply cannot.” Alan Hawkins, General manager, cyber security and software, Tarsus Distribution
Alan Hawkins, General manager, cyber security and software, Tarsus Distribution Risks associated with information security threats increase minute by minute. Bad actors with malicious intent continuously evolve their strategies and security breaches will be increasingly creative and sophisticated in 2022. The urgency of data security and privacy can’t be overstated. 2021 was a record-breaking year for data breaches. According to Identity Theft Resource Center (ITRC) research, the total number of data breaches and an overall number of data compromises in 2021 was up more than 68 percent compared to 2020. The new record number of data compromises is 23 percent over the previous all-time high in 2017. In 2021, the global average cost of a data breach was US$4.24 million, a 9.8% increase over 2020, a report from IBM revealed. Yet the immediate costs are of little consequence compared to the lasting brand, reputation, and business damage that a data security incident causes. And we expect it will only become worse.
Recent cyberattacks targeting South Africa have shown how vulnerable the country is to cybercriminals and ransomware assaults, which pose a threat to people, the economy and infrastructure. The 2021 hack at the state-owned rail and ports company Transnet was serious enough to take the entity offline for more than a week and for Transnet to invoke the force majeure clause on its contracts. According to an Interpol report, the key cyberthreats affecting the African region are:
Online scams – This was the highest-reported and most pressing cyberthreat across the region. It targets and takes advantage of victims’ fears, insecurities, and vulnerabilities through phishing, mass mailing and social engineering.
Digital extortion – This threat is also identified as one of the most prominent cyberthreats on the continent. Digital extortion seeks to target individuals with either allegations of sexually compromising images or through direct blackmail campaigns.
Business email compromise – Alongside online scams, this was identified as a significant concern and threat to the region. Businesses and organisations that rely heavily on wire transfer transactions are vulnerable to this threat in Africa. The COVID-19 pandemic has contributed to the increase in this type of cybercrime.
Ransomware – The threat of ransomware is expanding across the African continent. Allegedly, more than 61% of companies in this region were affected by ransomware in 2020 alone. These attacks targeted critical infrastructure, including healthcare and maritime sectors.
Botnets – Botnets are networks of compromised machines used as a tool to automate largescale campaigns such as distributed denial-of-service (DDoS) attacks, phishing, malware distribution, and more. The number of botnet victim detections in Africa was around 50,000, with a monthly average detection of 3,900, including numerous high-profile instances of DDoS attacks on critical infrastructure.
The report states that the unique challenge for Africa is the critical absence of cybersecurity protocol, cyber resilience as well as mitigation and prevention measures for individuals and businesses.
Why cloud is more robust
At a time in which African countries, and South Africa in particular, are embracing digital transformation, SMBs need to invest extensively in improving the safety and security of cyberspace to safeguard their business.
Software-as-a-service security solutions offer a safe, secure way to protect an organisation's digital resources in a way that individual organisations simply cannot. In this environment, the service provider manages infrastructure and application security. Its dedicated resources can continuously monitor systems for security breaches and threats, enabling a faster response to any potential problem or identified security risk.
Cloud service providers invest heavily every year in training and tools to analyse existing services and they constantly update multiple levels of protection, including network- and host-based detection and protection.
Moving to a cloud service can allow your business to isolate and protect its internal networks and the valuable data it stores on internal systems at a time when the incidence and severity of attacks are only expected to grow.