2014 was a tough year for the local cyber security industry. The number of threats and data breaches increased both for individuals and organisations. There is clear evidence that home-grown cybercriminals are becoming more elite and sophisticated meaning organisations will continue to lose as they scramble to change their defensive approach.
At Serianu, we have witnessed the evolving technology landscape and believe 2015 will only give cyber-criminals more opportunities to infiltrate the networks that house business and consumer data. When you think about the vulnerabilities and attacks we saw in the last quarter of 2014 (October – December 2014) alone, you begin to understand how fast our exposures is expanding. The key to protecting data is to develop a realistic and prioritized strategy, and to be proactive about implementing this strategy.
Below are five areas that every organisation should prioritize to enhance Cybersecurity efforts in 2015:
Priority 1: Cyber Security monitoring and Human-based Log Analysis is a MUST
The type of attacks local organisations experienced in the past year clearly confirms that traditional, signature-based security measures are simply inadequate when it comes to identifying and deterring today’s cyber-criminals. You can no longer rely on automated solutions to protect your data. Cyber criminals are very proficient at bypassing multiple automated defenses and have many social engineering tricks in their arsenal to leverage people’s habits to their advantage. Fortunately, virtually all attacks on your network leave behind indicators that signal a problem. Organisations need to implement cyber security monitoring processes to identify these behaviors, and alert relevant personnel to resolve the issues.
Priority 2: Organisation should evaluate the need for Managed Security Services
Very closely related to Priority 1 many organisations are finding out that they are ill-equipped to handle complex and multiple cyber threats. As a result, many organizations are looking at managed security service providers to ensure that their IT infrastructures are secured against attacks and potential security breaches. In the past years, 6 different organisations issued RFPs for managed services. Many organisations are looking at managed security services due to the fact that they are a cost effective and efficient way to maintain the competence of organizations while ensuring their continued growth. At Serianu we believe Managed Security Services are necessary to manage the growing computing complexities and increasing threats and cybercrimes, without interrupting organizations’ business operations. Local organisations need to identify key areas that can be outsourced and seek out vendors to support their internal security strategies.
Priority 3: Asset inventory, classification and risk assessment
Many organisations avoid the tedious task of identifying assets that need to be protected – inventory, classification and risk assessment. But unless you know these assets, their locations and value, how can you decide the amount of time, effort or money that you should spend on securing these assets? In 2015, organisations need to institute periodic reviews and risk assessments based on changes in the IT environment including new threats, vulnerabilities and consequences to ensure the continued effectiveness of the implemented controls.
Priority 4: Third Parties require MORE scrutiny
Outsourcing is not just a growing trend but the new reality of today’s rapidly evolving global economy, which raises a whole new set of risk management concerns for companies in every industry. Organizations are increasingly relying on third parties to provide and enable more critical services across the region. In fact there are cases where some organisations have outsourced over 70 percent of their operations and they rely on third parties to provide mission critical services to their customers and counterparts. Cybercriminals frequently are able to exploit vulnerabilities in the third party’s networks to get to the target company’s assets. Local organisations need to hold third-party entities to the same Cybersecurity standards and protocols that the organization itself follows internally. Otherwise, you put your company’s reputation and financial health at risk unnecessarily.
Priority 5: There is a need for MANDATORY Employee Security Awareness and Training
No matter how you look at it, people continue to be the greatest cyber security risk to any organisation. People are now the weakest link in the security chain. The latest security technology may protect core systems, but it cannot protect against employees giving away information on social networks or using their own, less secure, mobile devices for business purposes. Organisations need to invest in security awareness and training – that covers cyber security practices in the office, such as protecting passwords and using privacy settings on social media sites, has become best practice for people’s personal lives and effective security awareness training is tapping into that.
Bonus Priority: Every organisation must develop Local Cyber Intelligence and research
In our analysis of Cyber intelligence in the region, we have noted an increase in the number of Africa-based cyber-criminals, especially from Nigeria, Rwanda and Kenya. This is a clear indication that Africa is increasingly becoming a source of cybercriminals and tools. Most recently, we detected a cybercriminal ring that was harvesting Facebook account information from Kenyan users and some financial institutions for fraudulent transactions. Localized Cyber intelligence and research is critical to understand the types of attacks that local industries or peers are facing in the region. While many technology vendors will provide you with cyber intelligence – our experience has been that this intelligence is global in nature and does not include local intelligence. To be fully secure you need to develop local cyber intelligence capabilities.
(The writer is the MD, Serianu Ltd).