The South African Banking Risk Information Centre (SABRIC) says South Africa has the third-highest number of cybercrime victims worldwide and loses R2.2 billion a year to cyberattacks. With today being World Safer Internet Day, it is essential to draw attention to this intensifying risk, since new sophisticated methods of attack include targeting essential infrastructure, co-operation between attackers, the use of artificial intelligence and remote takeovers through Internet of Things devices.
Small businesses are particularly at risk, with their cyber defences being easier to breach.
According to Mimecast’s security specialist, Heino Gevers, businesses need to implement a robust cyber resilience strategy. Nine out of ten data breaches start with email, so it’s important to prevent email-borne cyberattacks but also to be able to recover from them. Organisations also need to improve their defences by reducing human error with an effective user awareness training programme.
Another essential defence mechanism is making use of threat intelligence. Security leaders should use data from multiple internal and external sources to identify emerging threats, unearth the conditions needed to exploit vulnerabilities, and discover whether the threat is being actively used. While this has previously been the reserve of large, well-funded organisations, threat intelligence is increasingly becoming accessible and affordable to most businesses.
King Price’s partner of client experience, Wynand van Vuuren, combining a proactive security approach with a strong cyber insurance policy can guard against the potential cost of restoring productivity and reputation. Proactive security measures include firewalls, security software, malware scanning and continuous employee training. It is important to ensure that your company is covered for data breach expenses, damage to computer systems and data, business continuity and liability and reputation management costs.
The World Economic Forum recently listed cybersecurity as the fifth highest global risk for doing business, and IT is considered the top risk in Europe, North America and East Asia.
According to Munich Re, some of the key trends that will emerge this year include:
- A decline in traditional ransomware attacks, but more sophisticated varients and a combination of traditional ransomware and mobile ransomware.
- Ransomware targeting clouds, which may threaten infrastructure.
- Different kinds of cyberthreats, like phishing, ransomware and cryptojacking, being used in tandem (cryptojacking is leveraging compromised computers of an unsuspected user without their knowledge – likely to be popular if currency prices are high).
- Cloud and user devices becoming the two main targets for cyber attackers.
- An increase in breaches and business interruption through 3rd parties
- An increase in attacks that exploit the supply chain and service provider
- A high impact in terms of insurance losses.