According to another recent study by Sophos, a cybersecurity company, 51% of South African organisations were hit with ransomware attacks in 2021, with just under half (49%) of the victims paying up. The recent data breach at Dis-Chem further underscores just how vulnerable South African companies in particular are to various kinds of cyber-attack.
Cybersecurity and digital vulnerabilities rank within the top 10 risks of most surveys and reports. There are few companies that don’t already have a cybersecurity programme in place, either provided by in-house IT or a specialist third-party provider, as well as cyber insurance. The Sophos study referenced above indicates that cyber insurance has become more common, with 77% of respondents relying on it to cover ransomware attacks specifically. In 99% of incidents, the insurer paid all or some of the costs.
However, all of this costs a lot of money. Are your cybersecurity precautions becoming somewhat habitual, and are your insurance premiums just steadily climbing? Taking a more proactive approach could keep your cybersecurity efforts honed, build your resilience and keep your insurance premiums down.
Independent testing and assessment can play a vital role, keeping your cybersecurity measures up to speed and helping convince your insurer that you are a lower risk and so deserve lower premiums. With this in mind, Pax Resilience is partnering with Cyber Armed Security and Zeno Labs to offer several services aimed at solving these issues.
Pax Resilience understands the pressure that most CISOs and IT departments are under and has been offering free vulnerability assessments to selected organisations. It uses an automated scan in addition to a manual review to identify vulnerabilities in the information systems across the internet and dark net. The vulnerability assessment then assigns severity levels to those vulnerabilities and recommends actions to take.
A second useful service is phishing awareness training and simulation. Social engineering remains a weak link in the chain of cyber defence, and people are often the most vulnerable part of any organisation’s IT environment. It is vital to keep informing them about the dangers and, more crucially still, honing their skills by repeated testing.
Then there’s penetration testing, which takes things to a higher level by actually attempting to breach the system in the same way that cybercriminals would. Because the pressure of cybercrime is unrelenting, companies need to implement a regular regime of penetration testing to ensure that new vulnerabilities are identified and remediated.