The global Covid-19 pandemic has changed the way we work forever. Remote working has become commonplace for entities of every size and in every industry since the pandemic struck, and has seen the attack surface widen dramatically.

As entities raced to deploy cybersecurity solutions for remote workers, bad actors sought to exploit every possible weakness, taking advantage of the increasing number of security gaps when organisations failed to adhere to remote work cybersecurity best practices.

Moreover, where firms once employed traditional, on-premises IT infrastructure, working within the boundaries of well-defined, secure enterprise network perimeters, this is no longer the case. In today’s hybrid world, businesses are harnessing the power of a wide range of apps and services on multiple devices and connecting with internal and external users from across the globe.

This evolution in the way we work has shone the spotlight on cybersecurity. Adversaries are more cunning and determined than ever, and attacks are skyrocketing in frequency and sophistication. Unfortunately, security has always been a catch-up game, and organisations are battling to keep up with this growing challenge.

The weakest link

Similarly, many entities are falling into the trap of assuming their cybersecurity challenges are being caused by technology shortfalls alone. While there’s no doubt that having the appropriate tools in place is crucial, there is also a human factor at play. Opinions differ, but according to Verizon’s Data Breach Report 2022 insiders are responsible for 20% of global data breaches. In addition, a recent Ponemon study highlighted how the number of insider security incidents has soared by 47% in the last five years, and the cost of insider threats has risen 31% in the same time.

One thing is clear, and that is that data breaches caused by insiders are on the rise, in terms of both frequency and cost to the business. Despite this, many companies continue to rely on the blind trust of their staff members and extended teams instead of implementing meaningful methods to improve the detection and prevention of this scourge. It is time for companies to turn their cybersecurity around and focus on what is happening inside the business.

After all, a chain is only as strong as its weakest link, and all the security tools and solutions in the world are useless against an insider with legitimate credentials and access to the company’s most valuable and sensitive information.

Investing in people-focused initiatives

This is why I cannot stress enough how important it is for businesses to start investing in people-focused initiatives, such as shifts in company culture and cybersecurity awareness training, as these can have a positive impact on cybersecurity posture.

There are several reasons for this. South African businesses are feeling the cybersecurity skills shortage acutely. A lack of experienced cybersecurity experts has resulted in dramatic gaps emerging, particularly at a time when hybrid work is becoming the norm. Bad actors will continue to exploit every opportunity and find vulnerabilities in the cyber defences of entities unable to protect every possible entry point into the network effectively.

Furthermore, South Africa has to deal with a paucity of investment in cyber security. The country is beset with a number of challenges, including load shedding; high crime rates and unemployment; poverty and a shortfall of skilled professionals. Also, although private and public sector organisations alike understand that cybersecurity is a necessity, there are not enough funds to do anything meaningful about the problem. These and other factors, are hampering South Africa’s ability to put measures in place to prevent and mitigate complex threats.

Addressing the challenges

It’s not all doom and gloom though. There are some foundational changes companies can implement to address this challenge. Firstly, cybersecurity training can ensure that employees are equipped with the right knowledge to identify possible threats. Business leaders need to make sure their staff onboarding involves training and certification opportunities for employees across the board, to prepare them for any potential threats. Organisations can then supplement these team skills with the technology and expertise of a trusted security partner to achieve the right balance. These multiplier forces working in unison can have a positive effect on any business’s overall security position and empower staff to handle strategic initiatives and key priorities effectively.

Next, a shift in culture is needed in terms of how cybersecurity is managed. This means instilling trust and empowerment, where staff members feel comfortable reporting security-related incidents, accidents, or even mistakes, to the security team. To err is human, even top security professionals make mistakes, and no one is immune to an adversary who is determined enough. If people feel comfortable reporting mistakes, and there is no culture of pointing fingers, then workers will feel empowered and encouraged to speak up.

Empowering employees

This can also have a positive impact on reducing insider threats. Hybrid working has led to a degree of loneliness among staff members, and an erosion of company loyalty, so naming and shaming individuals for cybersecurity breaches could cause employees to retaliate out of frustration and expose their company to threats. By adopting an inclusive and collective approach to cybersecurity from the start, feelings of blame or anger among employees can be alleviated.

While there is no miracle cure for cybersecurity ailments, it is obvious that people and processes have an enormous role to play. To focus on technology alone is to ignore half the problem. If organisations can find the right balance between both the technology and human sides of their cybersecurity operations, this will have a transformative effect on their operations going forward.

About Arctic Wolf
Arctic Wolf is the market leader in security operations. Using the cloud-native Arctic Wolf platform, we help companies end cyber risk by providing security operations as a concierge service. Highly trained triage and concierge security experts work as an extension of internal teams to provide 24×7 monitoring, detection and response, ongoing risk management and security awareness training to give organisations the protection, resilience and guidance they need to defend against cyber threat.