Cyber Security• Compliance • Cloud Computing
The past year has been a rollercoaster for businesses in every sector. One thing that’s come into the spotlight is the need for proper information and cyber security across all industries.
Cyber threats are becoming increasingly advanced and data breaches increasingly devastating. More and more companies and individual users are taking their security more seriously, but there’s still a long way to go.
“I always say you can never be 100% secure while you’re connected to the internet, but you can make it very difficult to be hacked,“ says IronTree’s cyber security analyst Mayan Stegmann.
Looking ahead to 2022
When we look at the state of cyber security in 2021, it’s clear that the need and urgency for improvement is at an all-time high.
So, what do current trends tell us about new technologies and the changes we should make for 2022?
In October, during Cyber Security Awareness Month, Forbes reported: “In 2021 alone, 85% of data breaches involved the human element, with 94% of malware delivered via email.”
All over the world this year we’ve seen a significant increase in data breaches and attacks. Here are a few that come to mind:
- Transnet, South Africa: The key ports of Durban, Ngqura, Gqeberha and Cape Town were shut down by a cyber-attack that crippled the Transnet’s IT system and forced it to declare force majeure as imports and fruit exports came to a standstill. Suspected route: Uncertain.
- Department of Justice, South Africa (DoJ): The DoJ’s IT system was breached through encryption, making its electronic services unavailable to internal employees and members of the public. Suspected route: Email phishing or drive-by-attack.
- Colonial Pipeline, USA: The major American oil pipeline suffered a ransomware attack that led to extensive fuel shortages on the East Coast. Suspected route: Compromised password.
Due to the most basic of security vulnerabilities of even these high-profile establishments, it’s become clear that the first prevention in a cyber security arsenal must be a solid perimeter defence.
What does a solid defence perimeter involve?
- Continuous scanning for possible threats
- Multi-factor authentication for system access
- Comprehensive data protection
- Automated system and software updates
- High employee awareness of cyber threats
- A fully managed and automated cyber security system
Securing one’s own IT network is just one part of the cyber security challenge that every business faces – you also have to protect the data in your business’s care, and this is where data compliance comes in.
The rollout of a data regulation in SA has been a bit stop-start, but July 2021 eventually saw the official enforcement of the Protection of Personal Information Act (POPIA), which is SA’s equivalent of the GDPR and other data regulations in the world.
Compliance with the requirements of POPIA is a prerequisite for any local business, no matter its size, and data security is very much at the heart of it.
The data compliance process may seem tedious, but the long-term benefits are highly beneficial to all. Let’s look at some of the benefits now:
- Improved customer confidence – the proposed security enhancements will bolster reputation and breed trust by proving you have good data governance systems in place.
- Better data security – compliance will lay the groundwork for improved data security.
- Reduced maintenance costs – a thorough data analysis will lead to better understanding of how data flows through a company and will encourage more efficient data usage and storage, resulting in less expenditure.
- Better use of evolving technologies – through the evaluation exercise of existing data networks a company will have a chance to consider the latest in technology trends, i.e. virtualisation and cloud computing, which in turn contributes to points 2 and 3.
- Improved decision making – a better understanding of the data a company holds will naturally lead to improved decision making, if only because they’ll pay closer and more specific attention to what they collect and store.
The good news is that you can support your security and compliance journey by adopting a cloud-first approach when it comes to data storage, application hosting and business functions.
What does it mean to take your data into the cloud?
- You remove environmental risks such as:
- Load shedding
- Unauthorised access
- Your data is off-site, secure, recoverable, and ‘always on’.
- Your data and operations can easily be recovered in the case of a disruption or disaster.
As demand in future-proofing product offerings has increased worldwide, cloud-hosting, cyber security and compliance solutions have become more and more affordable. Gone are the days where only large multinational organisations are able to purchase enterprise-level security and data management solutions.
By analysing your environment in terms of the three Cs – cyber security, compliance & cloud computing – and then acting on your findings, you’ll be able to up your cyber security setup to the degree that’s necessary for protection in cyberspace today.
Why not consider a detailed review of your environment in the new year? An IronTree consultant is available to evaluate your systems and suggest the best possible efficiency and security upgrades.
Let’s talk cloud hosting, cyber security and POPIA compliance – book a time now and start the new year with peace of mind.