On a recent visit to BDO in Norway, it struck me that many South African-based businesses and organisations are increasingly exposed to cyber threats and vulnerabilities of which they are blissfully unaware.
There is no doubt that we currently find ourselves in an age where highly technical targeted cyber-attacks are the order of the day – and I don’t think South Africa executives take these threats seriously enough.
The question board members, CEOs, CFOs and COOs should be asking is not “if” your company has been breached, or even “when”? Having seen the level of sophistication associated with the attack vectors and methodologies, I have no doubt that most South African businesses must now accept that it has already happened to them.
The real issues which must now be addressed at board meetings deal with the capability of the business to timeously detect and deal with the inevitable attacks.
Two key issues need to be considered when dealing with the current cyber threats:
- Appropriate design and implementation of cyber security defence systems
- The capability to detect and respond to IT security threats and breaches with appropriate levels of depth.
The core feature of SOC / SIEM / CERT * technologies is the ability to gather security data from all of the critical assets residing on the businesses network and to present that data as actionable information via a single interface. This provides a vast array of benefits by allowing the security teams to gain a complete understanding of the IT assets’ security status, prioritise security incidents, and demonstrate compliance with regulations much more efficiently.
The new cybersecurity agency, revealed by European Commission President Jean-Claude Juncker in his annual State of the Union Address in September 2017, would be established out of the existing European Agency for Network and Information Security (ENISA). The agency plans to organise annual EU-wide cybersecurity exercises and put in place channels to share information on cyber threats throughout the EU.
As threats continue to evolve, so too must the processes around leading technologies in order to provide a business-focused SIEM SOC Managed mitigation service that will evolve with an organisation’s needs and the constantly changing cyber threat landscape.
It is time for South African executives and government officials to follow the example of the EU in strengthening South African businesses’ and government’s cybersecurity.