Just how secure is your corporation? Nearly three quarters of South Africa’s top 100 companies are investing more in cybersecurity than the industry average, but an almost equal proportion don’t feel fully protected by their current cybersecurity strategy.
The State of Cybersecurity in South Africa, a study conducted by World Wide Worx with the support of Intel and Dell Technologies South Africa, reveals that half of South African businesses are over budget on cybersecurity spend and just over half feel there are now more threats introduced by remote work culture.
- Brought to you by Intel and Dell Technologies
“Corporates being over-budget on cybersecurity spend may look like a positive sign, but it also raises the likelihood that the budgets were too low to begin with,” says World Wide Worx’s principal author of the report, Arthur Goldstuck, principal analyst on the research project. “In the game of cybercrime cat and mouse, one could argue there is no such thing as being over-resourced. However, under-resourcing not only exposes companies to risk, but also poses an existential threat. A major breach can bring down a company. Budgets must catch up to the significance of the threat.”
Challenges range from these macro threats all the way down to individual losses. With the pandemic and lockdowns having sent corporate employees home, 55% of IT decision makers are concerned about their staff losing their devices. And it’s not only about the physical loss and immediate cost of replacement.
“As new threats and vulnerabilities appear at breakneck speed, new technology also creates opportunities to innovate. As we navigate the changing landscape of work, it is imperative to deliver solutions that keep the organisations and their employees safe. With breaches now happening both above and below the OS, organisations need to keep endpoints secure from anywhere. You need intelligent solutions that prevent, detect and respond to threats wherever they occur. A procedural measure like taking on a certified cybersecurity partner to manage these services is often the best protection for corporates,” says Khairy Ammar, services sales director, emerging Africa and South Africa, at Dell Technologies
A finding that will provide the business world with greater confidence is that three quarters of large companies (77%) report their devices are upgraded frequently, and support both Secure Boot and Trusted Protection Modules – which helps mitigate physical access vulnerabilities.
Advanced methods
Many cyber-hygiene factors are implemented by corporates, with the majority using VPN access control, and cloud platform managed security. These factors being implemented show that corporates are aware of advanced methods of protecting themselves.
The vast majority (99%) of corporates are aware that disaster management is essential. This figure must, however, be seen in the context of only 40% of businesses using multiple solutions to protect, back up and replicate their data in the event of disaster. That said, most respondents (99%) had not experienced cyberattacks that led to financial loss.
The 1% that experienced loss after a data leak provide a useful case study of security stances after an attack: these businesses had their systems compromised before the onset of remote working, indicating that no matter how a corporate geographically locates its employees, it remains vulnerable.
Compromises and vulnerabilities are revealed through the weakest link in the IT system, which is often an organisation’s own employees, and this may allow in ransomware programs or phishing attempts. More than half of businesses report that ransomware and phishing attempts have increased in the past year, or that they simply can’t keep up with the numbers of attempts.
Dell’s Ammar continues: “At Dell Technologies, we provide our customers with software and services and a single point of call, reducing risk and providing peace of mind that their business-critical data is protected from edge to core to cloud. Our customers can feel confident that through our single-vendor approach, all facets of their data landscape will be taken into account and protected.”
“Awareness and action are key,” says Bryan Turner, World Wide Worx senior data analyst. “Training employees to work safely but spotting out-of-character e-mails and communications can save a company from all the phishing headaches involved with cybersecurity incidents.”
- This promoted content was paid for by the party concerned