Share

No company is immune from cyber attacks - expert

accreditation
Cybercrime. (Duncan Alfreds, Fin24)
Cybercrime. (Duncan Alfreds, Fin24)

Cape Town – Companies should have a security “Plan B” for critical data in place as it appears inevitable that perimeter strategies may fail, says an expert.

Cyber attacks are not regularly publicised in SA, but according to Gemalto, 3.6 billion data records have been exposed globally in cyber intrusions.

“Most security blueprints are currently based on a ‘Plan A’, with a heavy emphasis on technologies that protect the perimeter and somehow stop attackers from getting where they shouldn’t be. This made some sense when all the data and users only existed behind the corporate firewall,” Neil Cosser, Identity and Data Protection manager for Africa at Gemalto told Fin24.

“It’s becoming quite clear, however, that Plan A is not working as it should be. Consider the number of huge data breaches that have occurred over the last year or two and you can see that cyber criminals are finding ways to bypass current security measures,” he added.

Gemalto’s Breach Level Index highlighted five attacks in SA during 2015, but the report said that the number of data breaches do not reflect the actual number of records exposed.

Two factor authentication

READ: SA fails to make data breaches public

In 2015, the report showed that 1 673 incidents exposed some 707 million records. However, in 47% of cases, the number of records exposed is unknown.

“In today’s security landscape, it thus makes more sense to move to a ‘Plan B’, where the focus is on protecting data. This can involve a number of different technologies - all of which would potentially be important components of the strategy,” said Cosser.

One strategy gaining momentum is two factor authentication and Gemalto said that 98% of IT managers are supportive of this technology, though it is not a perfect solution.

“There is still a long way to go to protect access to all applications and secure all devices however. IT professionals are realising that the key to providing uniform protection for numerous applications lies in their ability to centrally implement two-factor authentication for both cloud and on-premises applications,” Cosser said.

Assuming cyber criminals will at some point have access to critical data, Cosser highlighted the benefits of encryption which may render the data useless.

“It’s also clear that data encryption should play a major role in any Plan B. Someone is going to get past the network perimeter defences at some point, so organisations need to make sure that whoever gets in can’t use the data. Another way of looking at encryption in this context is that it is the ultimate way to ‘unshare’ data in shared environments.”


- Follow Duncan on Twitter

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.94
-0.2%
Rand - Pound
23.91
-0.1%
Rand - Euro
20.43
+0.2%
Rand - Aus dollar
12.34
+0.1%
Rand - Yen
0.13
-0.2%
Platinum
910.50
+1.5%
Palladium
1,011.50
+1.0%
Gold
2,221.35
+1.2%
Silver
24.87
+0.9%
Brent Crude
86.09
-0.2%
Top 40
68,346
+1.0%
All Share
74,536
+0.8%
Resource 10
57,251
+2.8%
Industrial 25
103,936
+0.6%
Financial 15
16,502
-0.1%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders