By Richard Frost, Head of Product: Cybersecurity at Armata
With South Africa being the sixth most targeted country worldwide regarding cyber attacks, it’s no surprise that organisations have to put numerous steps in place to protect their networks and data. This is all the more crucial in a world where we have legislation such as GDPR and PoPI that dictate how people’s data can be stored, used and transmitted, with harsh financial penalties for those found in contravention.
More companies are investing in network and data security solutions and being proactive in preventing breaches by carrying out active threat hunting, while there’s also a growing effort to separate Information Technology from Operational Technology as an additional security measure.
With more investment into network and endpoint security, these threat actors are now turning to tactics such as phishing and spear-phishing in order to get malware onto an organisation’s network. With employees more likely to be the weakest link in an organisation, the human firewall element has to be a key consideration, and cybersecurity awareness and training have to be carried out regularly.
Remote and hybrid working bring with them additional security challenges for organisations; while employees might receive cybersecurity training and practise safer online behaviour, the same might not be said for children or elderly members of the family who are sharing a WiFi connection and could potentially compromise all devices on the network. The security situation is worse if an employee connects from a public WiFi connection. Here, endpoint detection and response become key.
Employees will also have to be mindful of more than just digital security breaches, but also physical security issues. As an example, improperly discarded documents that contain personal, financial and other sensitive information can be used to build a profile against someone as part of a spear-phishing attack. Or, think of having confidential documents that stay displayed on a screen or are printed out and laid on a table for anyone to see. Employees will have to be cognisant of how they are storing and discarding information at home too.
New challenges also loom on the horizon for businesses. With larger organisations being able to protect themselves better, hackers are targeting third parties who might be smaller suppliers, business partners or even clients. The majority of large security breaches that occurred last year were due to a smaller company first being breached in order to ultimately gain access to a larger organisation. We are also seeing how artificial intelligence (AI) can be a double-edged sword, with tools such as ChatGPT now being used by hackers to create malware.
With threat actors always looking at new ways to breach corporate defences, organisations will have to respond with an ongoing investment in their security, both through the deployment of relevant products or solutions, and the continuous training of employees. However, while organisations might be doing more to be better protected against cyber attacks, what happens if someone breaks into their offices and then walks out with their PCs and servers?
We have already seen the overlap between cybersecurity and physical security when it comes to ensuring employees take better care of confidential corporate information. At the same time, at home – whether on a screen or printed – and it’s no surprise that we are seeing this convergence in the workplace too. Going forward, the overlap will necessitate the integration of cybersecurity and physical security in order to enable the sharing of events to the same security operations centre (SOC).