SA fails to make data breaches public - expert

2016-02-26 15:59 - Duncan Alfreds, Fin24
Post a comment 0

Computer. (Duncan Alfreds, Fin24)

RELATED ARTICLES

Cape Town – Just five data breaches were registered in South Africa in 2015 but this figure may not show the whole picture, says digital security services company Gemalto.

The company has released its Breach Level Index which shows that, globally, 3.6 billion data records have been exposed since 2013.

These data breaches are focused on gaining access to personal information that can be sold illicitly for financial gain, said the company.

While SA registered just five attacks last year, Gemalto said that the number of attacks do not always relate to the number of personal records exposed.

READ: Ashley Madison hack a lesson for SA firms

“Despite cyber crime growing around the world and in Africa, the number of attacks in South Africa is still very low compared to the rest of the world," Neil Cosser, identity and data protection manager for Africa at Gemalto, told Fin24.

"This doesn’t mean that we aren’t a target for hackers, but simply that very few data breaches are made public and can therefore be quantified in the Breach Level Index,” said Cosser.

South Korea, for example, had three breaches that exposed 43 million records, according to Gemalto. 

But Cosser argued that until legislation compelled South African organisations to make data breaches public, the perception would continue that the country is insulated from hackers.

“Because breaches can have high impact on brand reputation, many companies are still tempted not to disclose these as they are not legally required to," said Cosser.

“Based on the above, the need for greater regulation in South Africa has never been clearer – as per trends being seen in the rest of the world,” Cosser added.

Companies in SA that do get hacked risk being unaware of it. Just 38% of South African companies have organisational measures in place to prevent unauthorised data loss, according to information security company Trustwave.

Meanwhile, another information security firm Wolfpack Risk has estimated that the loss to cyber crime in SA stands at R2.5bn during 2012/2013 financial year.

“The danger of the digital world is that attacks or data theft can happen unnoticed. Cyber attacks are getting more and more sophisticated and it can often take a few years for a company to realise it has been hacked,” said Cosser.

- Follow Duncan on Twitter

Read more about: gemalto  |  cybercrime