by WELLINGTON TONI
HARARE, (ITNews Zimbabwe) – AN information technology (IT) specialist has urged companies to adopt a holistic digital risk strategy to counter the threats posed by malicious actors set on stealing their intellectual property and personal data.
Tatenda Mujati, the expert, said companies must remodel their operations, this becoming imperative after estimations the annual global cost of cyber crime will double to US$6 trillion in 2021, up from $3 trillion in 2015.
“This strategy should span cyber security and data privacy risk across the enterprise and must incorporate more than just the defending against cyber-attacks,” Mujati, the IT Manager at Grant Thornton said.
Grant Thornton is a leading international audit, tax, advisory, investigation and forensics firm with branches in Bulawayo and Harare.
“Ever stricter data protection regulation, not to mention the public’s growing awareness of privacy, means technology companies must regularly re-examine privacy controls and implement data asset categorisation,” Mujati said.
Her sentiments fall in with those of James Arthur, partner and head of cyber consulting at Grant Thornton UK, in an article published in July 2019, when he noted technology companies were particularly more impacted by cyber crime.
Arthur urged these companies to develop a digital risk strategy based on their most strategically important data assets.
“After all, they hold more data than non-tech companies and often lead the way in adapting new technologies which can create cyber vulnerabilities,” he stated.
A new study from IT services firm Serianu shows the pervasive nature of cyber-crime across the continent, affecting businesses, individuals, families, financial institutions, and government agencies cost Africa an estimated $3,5 billion in 2017.
The Internet Society’s Online Trust Alliance (OTA) estimates that there were more than 2 million cyber incidents in 2018. It is likely this number significantly underestimates the actual problem.
OTA estimates an overall financial impact of at least $45 billion worldwide. The lead categories of attacks are cryptojacking (1,3 million) and ransomware (500 000), followed by breaches (60 000), supply chain (at least 60 000 infected websites) and business email compromise (20 000).
Mujati said tech companies should work on building trust.
“To start building trust, technology companies must offer value-added cyber security solutions such malware and ransomware screening that plugs vulnerabilities as part of their core offering,” she added.
Mujati made the companies aware that customers would align themselves with suppliers that conduct comprehensive cyber security audits and produce independent assurance reports.
“Reports that demonstrate capability, security and a serious commitment to risk management are without question a way for technology companies to differentiate themselves from the competition,” she said.
Mujati recommended that companies subject themselves to regulators.
“They must collaborate fully with valid requests for data and information and know the extent to which data should be provided. Lastly, they must demonstrate commitment to data protection by having their cyber risk practices tested regularly by an independent third party,” Mujati said.