Presented by Altron Systems Integration

What happens when you’re hacked?

By Boland Lithebe, Altron Systems Integration security practice lead

Many South African businesses are ill-prepared to deal with hackers. The difficult truth is that it will cost them a lot unless they act strategically, right now, to protect their networks and data.

Their challenges right now are immense, no doubt. People everywhere continue to embrace blended and digitalising work environments and hackers are taking advantage worldwide.

These and other trends increase already enormous risk. The trouble is, many South African organisations haven’t assessed their posture, their appetites for risk, and taken the appropriate steps to mitigate.

Instead, they place their faith in firewalls and anti-virus software alone, often only realising the inadequacies of that approach when it’s too late.

Midnight call

For example, we’ve received numerous “midnight calls” from people at large South African organisations who have been hacked. Their biggest challenge is that they don’t know where to start doing something about it.

The good news is that they are aware that there’s been an incident. Many don’t yet have that capability, which is fundamental because you cannot deal with a breach if you’re unaware of it.

That’s a skills challenge that creates inadequate strategies, policies and cripples any ability to respond.

The major challenges in this sector are the skills scarcity, deploying the right technologies, and establishing appropriate policies.

These combine with experience to create strong security postures capable of handling known, emerging, and future threats. The goal is to be able to identify, mitigate, contain, and respond to various threat vectors with processes to continually improve and evolve.

Poaching threat

The global working from home trend has also impacted the cybersecurity sector. International companies are employing South African skills who remain living in South Africa.

It’s easy for them to work remotely. South African organisations could do likewise, but in the global economic context, developing economies often fare worse in these scenarios.

Zero trust

Global threat intelligence services ensure real-time data and analytics to mitigate up-to-the-minute risks. Our cybersecurity operations centre hooks into the Cisco global platform, tapping into the global skills pool and most recent experiences.

The borderless network and blended work environments are key reasons why hacking is a global business that will be worth $6 trillion in 2021, according to Cybersecurity Ventures, the global cybersecurity research firm. In the world of hacking, what happens globally quickly proliferates locally.

The global Covid-19 pandemic generally resulted in many more cyber threats.

We saw a steep increase in attacks of all kinds but specifically phishing and spear phishing. Spear phishing attacks target specific individuals, particularly C-level executives. They demonstrate the need for potent policies coupled to intelligent tech and skilled agents.

Live hack

In one such incident in particular that we responded to, we watched live as the hackers attempted to log in using the stolen credentials. With the layered security that we had deployed at the customer, we contained that vector and stopped the attack before it could penetrate the customer’s network.

That kind of attack is now a daily occurrence. That’s why zero trust policies are essential.

Two-factor authentication helps connect authorised people to authorised devices. Roles-based access rights and privileges on the network help to contain exposure.

Automated and orchestrated administration, intelligent global threat monitoring, integrated AI-driven solutions, and certified, trained and experienced resources layer one upon the other to harden information systems while still enabling productive processes.

However, it is important to consider that no matter how layered and intelligent your cybersecurity, determined attackers will always find a way in.

That doesn’t mean all is lost. Rather, it amplifies the demand for the layered approach because it matures your organisation’s resilience to breaches and enables sophisticated recovery mechanisms.

Latest news

Partner Content

Recommended

Share this article
What happens when you’re hacked?