IDENTIFY YOUR VULNERABILITIES
BEFORE THEY BECOME LIABILITIES
South Africa has emerged as a hub for cybercrime in Africa, as indicated by a report from Interpol highlighting the escalating cyber threats. South Africa now ranks third globally regarding the number of victims affected by cybercrime, emphasizing the requirement for cybersecurity measures.
Furthermore, new reports from global IT security providers Sophos and Kaspersky suggest that South Africa is facing a significant increase in ransomware attacks, with 78% of organizations reporting an attack in 2023, up from 51% in the previous year.
The “Sophos 2023 State of Ransomware Report” highlighted that exploited vulnerabilities were the root cause in 49% of attacks, with compromised credentials following closely at 24%. Additionally, the report revealed that 89% of attacks resulted in data encryption, and data theft accompanied 35% of these encryptions. The average cost incurred by South African organizations to recover from a ransomware attack, excluding any ransom payments, was reported at R14 million. Furthermore, the emergence of new types of ransomware, such as "Agenda," has posed a significant threat to sectors like healthcare and education. These trends underscore the growing urgency for robust defensive strategies, continuous monitoring, and the need to address vulnerabilities to combat the evolving ransomware landscape in South Africa.
Other findings reflected in the report showed that:
-
82% of private sector organisations said that the attacks resulted in them losing business or revenue.
-
53% of South African businesses said it took them a week to recover. 29% said it took up to a month, while 19% said it took between one and six months.
-
98% of South African respondents said they had some form of cyber insurance, with 47% having a standalone cyber policy.
-
98% of South African organisations that purchased cyber insurance said that the quality of their defences directly impacted their insurance position.
-
66% said that it affected their ability to access coverage, while 61% said it impacted the cost of their premiums.
In all cases, the companies fared the best in these situations:
Responded to the incident quickly Took reasonable precautions
Hold appropriate insurance cover Hire a public relations expert
Enlisted the efforts of forensic investigators Briefed attorneys prior to notifying their insurers
Consequences
Cyberattacks can lead to harm by causing downtime and damaging the company's reputation.
-
Data breaches: Medium enterprises (SMEs) often store customer data, and if there is a breach, it can result in legal consequences, loss of trust, and regulatory fines.
-
Operational disruption: Cyberattacks can disrupt day-to-day operations, causing delays, service outages, and decreased productivity.
-
Reputational damage: A breach can tarnish a company's reputation, making it challenging to regain trust from customers and partners.
Mitigating Risks
-
Raising awareness: Educate employees about cybersecurity risks and best practices with regular training sessions.
-
Investing in security: Invest in security measures such as antivirus software, firewalls, and regular updates.
-
Implementing strong authentication: Enforcing password policies and considering implementing two-factor authentication can strengthen security measures.
-
Securing supply chains: Evaluate the cybersecurity readiness of your partners and suppliers to identify and mitigate risks.
-
Creating an incident response plan: Develop an incident response plan minimizing the impact of a cyberattack and ensuring safe back-up of your data.
Cybersecurity Challenges Facing African SMEs:
Small and medium-sized enterprises (SMEs) in South Africa face several cybersecurity challenges, including:
-
Limited resources: Many SMEs operate on budgets that leave little room for investing in robust cybersecurity measures. Due to constraints, they often prioritise aspects of their business over security.
-
Lack of awareness: Cybersecurity awareness among SME owners and employees is still relatively low. Many underestimate the risks involved, or assume that cyberattacks only target more prominent corporations.
-
Expertise: SMEs frequently need more expertise to handle complex cybersecurity issues effectively.
AI is becoming more mainstream
AI and machine learning are becoming increasingly prevalent in the technology landscape. According to recent research conducted by Microsoft-IDC, approximately 39% of companies in South Africa are intending to enhance security measures by streamlining processes and integrating technologies.
Artificial intelligence (AI) enables defenders to efficiently process and analyze a vast amount of information, providing them with the capability to categorize and contextualize data at a significantly accelerated pace. This radical advancement in AI equips defenders to counteract attackers and diminish their advantage in terms of agility.