As we reflect on the events of 2022, one thing is clear: cyber criminals are staging increasingly vicious attacks and exploring an ever wider range of attack vectors.
The drafting of new cyber laws around the world highlights the scrutiny that organisations must apply when handling data, and that scrutiny can no longer be ignored.
These topics, which have long been flying under the radar, are becoming an urgent focus area for businesses.
So, what lessons can we share from our experience in our fight against cybercrime?
Lesson 1: Understand your Data
Since the introduction of POPIA, data protection has become a major topic for businesses. Understanding how much data an organisation holds and who can access it is critical. The data a business holds makes the organisation its custodian and therefore the managing agent of that information. This could range from customer details to internal employee records; the key is to ensure that data is adequately labelled and that a clear distinction is made between internal data and external (customer) data. An example of external data being breached occurred in South Africa this year: a cyber incident at TransUnion resulted in 5 million records of customer data being leaked (TransUnion, 2022). Alarmingly, there have been countless similar cases.
Lesson 2: Understand your Assets
Assets can take the form of laptops, desktops, servers and printers, and are often referred to as IT assets. Some organisations have a broader set of assets, namely Operational Technology (OT). OT assets are commonly defined as the assets that allow your business to provide services to customers and end users. An example of OT for a bank would be an ATM; for a hospital, the diagnostic machines used on patients. Making this distinction allows you, as a business fighting cybercrime, to segregate your IT and OT environments.
Lesson 3: Understand your IT Landscape
Your IT landscape is paramount, and protecting your digital image has become ever more important. Many organisations have begun digitalisation projects and, in some cases, have not correctly vetted their providers for cyber resilience. This, coupled with internal legacy applications, poses a risk and could become an attack vector to exploit. Measuring where you stand in terms of cyber resilience could safeguard you from the pain of having part of your IT landscape breached.
Lesson 4: Understand your place within the Supply Chain
Within the economy, companies no longer work in silos when it comes to data transfer and exchange. Emails are sent, documents are shared, and collaborative connectivity is established for the greater good of providing better and faster service. As an organisation, it has become critical to understand one's place in the supply chain as an entity within broader society. Attackers have realised that to breach a larger, more secure entity, they can target the smaller players within that organisation's network. This has raised multiple security compliance topics for both bigger and smaller businesses. Failing to understand one's role in the supply chain could compromise key sectors of the economy.
Looking forward to 2023, we can expect the above-mentioned lessons to become increasingly important. More organisations will be looking to safeguard themselves and their customers from harm and exposure at the hands of cyber criminals. The old approach was to throw technology at everything without taking cognisance of the importance of every aspect of an organisation. What do we see?
- More organisations imposing compliance and measures to understand their Data
- More organisations de-risking their exposure to assets operated outside of their organisations
- More organisations vetting solutions and projects within their IT landscape
- More organisations launching security compliance activities for entities operating within their supply chain
The key is to understand your environment through continuous discovery, rather than suffer exposure through ignorance.
References: TransUnion, 1 June 2022, "Update: South Africa Cyber Incident"