Globally, cyber-security threats have been receiving significant attention. With the world being as connected as it is, companies and individuals cannot afford to drop their guard when it comes to protecting their information. In my experience some worrying attack trends and security issues are cropping up in Africa, with South Africa being used as the base for cyber-attacks into the rest of the continent.
There has been a significant increase in international bandwidth due to the arrival of undersea cables such as SEACOM, WACS (West Africa Cable System), and EASSy (Eastern Africa Submarine Cable System). This is not only providing malicious users with better connectivity but also the ability to use a number of different systems should one cable network be compromised.
Spear phishing attacks are on the increase. Designed to collect information from organisations and individuals, spear phishing could be used as a platform for further attacks. A recent example is that of individuals receiving phone calls at home from people claiming to represent a world-leading software company wanting to help them fix their computers. These fraudsters then proceed to give step-by-step instructions for installing legitimate software for malicious purposes.
Today, people opt for email or social networking as their preferred means of engaging with friends, colleagues, clients, and customers – often readily sharing all types of information. But when it comes to communicating face-to-face, a person becomes more reserved.
Companies need to be aware that they can have adequate physical security measures in place but it means very little if their online data is not protected. They also need to educate employees about the importance of cyber-security and personal information protection. Security needs to be made personal.
For example, staff who write down their passwords need to be reminded that those are often the same ones they use for online banking, social networking profiles, and cloud services (such as mobile device backup). This means that they not only inadvertently put their employer at risk but also their personal information.
Recently, Gartner has ranked Deloitte number one globally in security advisory based on revenue. This is the result of Deloitte placing a deliberate focus on security. Ultimately, security is a critical area to ensure the longevity of any organisation.
Should you require more information or a detailed discussion, please contact Tiaan Van Schalkwyk email@example.com, Senior Manager, Security, Privacy & Resilience, Deloitte Risk Advisory.