from MTHULISI SIBANDA in Johannesburg, South Africa
JOHANNESBURG – AN executive has raised concern at the continent lagging behind in putting in place necessary plans to respond to rising cyber attacks.
According to African respondents in Control Risks’ latest “Cyber Security Landscape” report of 2018, about 62 percent of firms in Africa do not have any cyber crisis management plans to help them respond to a breach.
This is compared to Europe and Middle East (40 percent) and 31 percent in Asia.
“These numbers are a perfect example of the increase of cybersecurity issues where Africa is lagging by not putting the necessary measures in place to ensure they are not compromised,” said Riaan Badenhorst, Managing Director of Kaspersky Lab Africa.
In an interview with CAJ News Africa, he lamented an ever-growing Advance Persistent Threats (APT) activity in Africa, due to how technologically-connected these countries were, and where a whole new wave of attackers were becoming much more active.
“In light of the constant technological development that affect the cybersecurity landscape, no enterprise is 100 percent safe, as African businesses live in a world where the question isn’t whether you’ll be attacked, but when, and how quickly and completely you can recover,” Badenhorst said.
He said African countries must split their approaches into four distinct disciplines, which must work together to enable ‘true cybersecurity’.
“This process can provide an adaptive enterprise’s security architecture: with the ability to predict, prevent, detect and respond to cyberthreats.”
The executive said in the last few months, the company noted some well-known actors were rethinking their strategies and reorganising their teams for future attacks.
In the first quarter of 2018, Kaspersky research shows an 8,5 percent increase in ransomware attacks in the Middle East, Turkey and Africa (META) region compared to the same period last year.
The statistics for the same period also showed a noticeable overall increase in web threats with 30,2 percent of users affected by malware in Saudi Arabia, 28,8 percent in both Egypt and Oman followed by 27,4 percent in the United Arab Emirates.
South Africa had the lowest number of affected users in the META (48,8 percent for local and 19,6 percent for web threats).
Badenhorst said while all industries were at risk, research showed the financial sector was under the most threat.
“Attacks on ATMs continued to rise in 2017, as the attackers were aiming at bank infrastructure and payment systems using sophisticated file less malware, as well as the more rudimentary methods of taping over CCTVs and drilling holes.”
As data breach costs rise so are the consequences of these breaches.
Small and medium businesses (SMBs) in the META, for example, saw the average cost of a breach reaching $114 000 in 2018, 30 percent higher than in 2017.
For enterprises, it increased by 63 percent. The average financial impact of a breach reached up to $965 000.
SMBs that faced data breaches on average lost $15 000 on new business opportunities. Another $15 000 was lost as a result of damage to credit rating and insurance premiums and $14 000 on improving their software and infrastructure after the breach.
Enterprises in the region spent $144 000 on improving software and infrastructure. The same amount was lost because of the damage to credit rating and insurance premiums.
The enterprises had to spend $113 000 on additional public relations (PR) exposure, to repair the brand damage due to the incident.
“These increasing costs are a major concern for businesses amidst today’s digital transformation wave that involves the need to operate with growing IT infrastructure,” said Badenhorst.
– CAJ News