Establishing clear policies and protocols for data handling, access controls, and usage guidelines lays the foundation for a secure data environment. By delineating roles and responsibilities, organisations can foster a culture of accountability and transparency. Executives from ESET, Commvault, Intellinexus, Data Management Professionals respond.
Carey van Vlaanderen, CEO ESET Southern Africa
Businesses will have to navigate a complex and evolving terrain of cyber threats. Today’s cybercriminals are well-resourced, dynamic, and often rely on the element of surprise in their attacks. One of the best ways organisations can level the playing field and gain the upper hand is by understanding the threat landscape to make more informed decisions.
In addition to greater awareness, having robust security solutions in place is the best way to prevent attacks from happening, and help businesses build the necessary resilience they need for the future. By collecting, analysing, and contextualising information about cyber threats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk.
Given the prevalence of advanced and persistent threats, there will be sustained growth in the MSP channel area, particularly where the cybersecurity needs in Southern and Eastern African countries can be addressed more thoroughly. Similar to other regions, including South Africa, East Africa is confronted with various cyber threats such as phishing, malware, ransomware, and data breaches.
Managed Detection and Response, MDR services are set to be a major trend for businesses to watch. MDR, the specialised service offered by external providers, is designed to help organisations proactively search for and respond to cybersecurity threats as soon as they are identified. MDR tackles several key challenges faced by modern businesses at once, most especially the shortfall of in-house security expertise.
Establishing and training dedicated security teams for continuous threat monitoring is possible for larger organisations with ample resources, but much harder for SMEs. Added to the challenge is that SMEs are attractive and therefore frequent targets of cyberattacks, but simply cannot maintain a dedicated team of skilled security professionals to monitor and manage the sheer volume of evolving threats.
Nizar Elfarra, Regional Sales Engineering Leader, Commvault
The anatomy of cyberthreats has changed, meaning that organisations can no longer rely on traditional cybersecurity solutions to protect their perimeter, but should instead rethink their data protection strategy and become proactive in their defence against breaches.
As data typically resides on premises, in the public and private clouds, in Software-as-a-Service, SaaS applications and on end user devices, the perimeter that organisations must protect is becoming increasingly huge.
On average, it takes 84 minutes to execute the attack, which is a drastic drop in the attack vector in that aspect. The surprising part for many organisations, is that 93% of attacks target backup repositories, as they contain all their critical data. This is the easiest target to go after and raises the need for organisations to rethink their data protection strategies.
To make things worse, according to the latest cybercrimes trends published by Crowdstrike, malware-free cyberattacks have reached 71% of the breaches recorded annually. This is not good news, as it means that valid credentials were used to gain access to systems and to have privileges as the legitimate user of a targeted device. This also means that targeted organisations did not even know they were being attacked.
Modern day cyberthreats are essentially moving to in between traditional data protection solutions and organisations’ last line of defence, backup and recovery. It is at the intersection of these two points where traditional solutions; perimeter security and the last line of defence are not catching these threats.
This trend is driving the need for the next-generation data protection with active defence. This means that an organisation’s data protection solution needs to start assessing its data at a much earlier stage. This is because bad actors often gain access to an environment more than six months in advance.
As such, organisations need to be a lot more proactive and thus minimise the use of the last line of defence, backup and recovery by being able to detect bad actors much earlier on. This can be done with early threat detection, checking for suspicious activity, early warning, as well as threat and risk analysis.
Recovery as a last line of defence is necessary but is not enough. With the growing sophistication of cyberthreats, organisations need to understand that there are many measures they can and should put in place to prevent bad actors from reaching their last line of defence.
Jacques du Preez, CEO Intellinexus
Ensuring data privacy and security is not just a checkbox on the Chief Data Officers, CDOs to-do list – it is a continuous journey towards resilience and trust. By prioritising data governance, strengthening security measures, and fostering collaboration across organisational silos, CDOs can safeguard their organisations’ most valuable assets.
According to Gartner, by 2025, 75% of the world’s population will have its personal data covered by modern privacy regulations. The continued growth in public cloud services will bolster spending on cloud security tools.
As guardians of data governance and security, the role of a CDO has become increasingly pivotal. They shoulder the responsibility of safeguarding sensitive information, upholding regulatory compliance, and fortifying defences against cyber threats.
Data flows like the lifeblood of an organisation in today’s interconnected digital ecosystem. From customer profiles to proprietary algorithms, every piece of information holds value and must be shielded from prying eyes and malicious intent.
This is where the partnership between CDOs and Chief Information Security Officers, CISOs becomes paramount. By synergising their expertise and resources, they can build robust fortresses around data assets, ensuring their integrity and confidentiality.
At the heart of this collaboration lies a commitment to stringent data governance principles. Establishing clear policies and protocols for data handling, access controls, and usage guidelines lays the foundation for a secure data environment. By delineating roles and responsibilities, organisations can foster a culture of accountability and transparency, where every stakeholder understands their role in protecting sensitive information.
Robust data governance alone is not sufficient. In the face of these ever-evolving cyberthreats, organisations must adopt a proactive stance towards security. This involves deploying cutting-edge technologies such as encryption, multi-factor authentication, and intrusion detection systems to fortify their digital perimeters.
Compliance with regulatory frameworks is another cornerstone of data privacy and security. From GDPR to POPIA, there’s a myriad of regulations governing the collection, storage, and processing of personal data. CDOs must ensure that their organisations adhere to these regulations, implementing measures such as anonymisation and data minimisation to mitigate risks and protect individuals’ privacy rights.
Furthermore, the advent of technologies like artificial intelligence, AI and machine learning brings both opportunities and challenges for data privacy and security. While these technologies offer unprecedented insights and efficiencies, they also raise concerns about algorithmic bias and unauthorised access.
CDOs must strike a delicate balance between innovation and risk mitigation, embedding privacy-enhancing technologies into their data ecosystems to safeguard against misuse and abuse.
Iniel Dreyer, MD Data Management Professionals South Africa
The silent theft of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation. As the term implies, the exfiltration of data from corporate networks is often done without even the target themselves being aware of the attack. In such cases, cybercriminals are only wanting to steal personal information, without being detected. This data is then sold for a tidy profit.
While the Protection of Personal Information Act, PoPIA in South Africa was designed to safeguard personal data from theft, misuse and malicious activities, the legislation cannot be applied to attacks that are undetected and thus unreported.
Unlike a ransomware attack, the silent theft of data does not involve financial extortion and the encryption of information. Instead, hackers steal valuable data from organisations to sell on the dark web. This illicit practice is largely behind the proliferation of spam calls and marketing that flood the lives of ordinary people, not to mention the increase in banking fraud.
To defeat attackers whose aim is to stay on a corporate network for as long as they can before being caught, organisations must look towards deception technology, which will help them respond proactively to an infiltration before any real damage is done. With data theft, it is crucial to be proactive as, once the information is stolen, nothing can be done about it.
Deception technology deploys honeypots which are fake assets and systems on an organisation’s network that a hacker will perceive as a real system. These decoys can imitate any IT equipment or applications and will typically have a vulnerability that will make it tempting to attack.
When attacked, honeypots will send an alert to the network administration team that an intrusion has been detected. Deception technology can also detect the origin of the attack, where access was gained to the network and the type of device that was used to carry out the hack. This allows IT teams to take the necessary steps to prevent any real harm from being done by the attackers.
A backup and recovery strategy is not enough to stop the silent theft of data. A more proactive stance should be adopted through the deployment of deception technology.