As South Africa and the continent continue a digital transformation journey, the risks that threaten businesses’ data and IT infrastructure become more apparent, writes Deshni Harricharan – Head of Enterprise Sales at SEACOM. Much progress has been made in the digital sphere, though malicious actors can still take advantage of complacency, half-baked cybersecurity strategies, or simply a lack of any strategy whatsoever. And the result is a digital pandemic that threatens to undercut our digital progress.
According to recent Kaspersky Security Network Data for corporate users, South Africa, Kenya, and Nigeria experienced significantly more backdoor computer malware in Q2 2022 compared to the previous quarter. South Africa itself saw the highest number of backdoor detections (11,872 cases), representing a 140% increase between quarters.
The severity of these kinds of threats should be prompting IT leaders to consider the best course of action regarding infrastructure and data hosting solutions that best meet their needs. The goal is to go from “half-baked” to “baked-in”, and by understanding those threats and the security measures that can mitigate them, businesses can devise an ideal and secure system.
Know your enemy
We are fast approaching a point where no business can effectively operate without some kind of digital infrastructure in place, ranging from a single cellphone to an entire dedicated data centre. But there is no discrepancy when it comes to how cyberattackers choose their targets and pose threats across the spectrum.
For some, those threats are very straightforward. This includes malware, malicious software that can block network access or steal company information by transmitting it from its source, and phishing, which exploits complacency and carelessness by posing as legitimate communications. These kinds of threats are mitigated through staying aware and vigilant, and this is always worth repeating.
But for others, especially businesses that maintain comprehensive IT and data management solutions, the threats can be more severe and, most concernedly, unpredictable. Man-in-the-middle attacks take advantage of unsecure connections, while distributed-denial-of-service (DDoS) attacks have the potential to take down systems and networks and bring business operations to a complete halt. Scalability applies both ways: the bigger the system, the bigger the consequence.
Keeping up to date
We could spend days talking about what behaviour is best suited to counter cyberattacks and what systems we can put in place to prevent them, but another element to consider is complacency. Many businesses view their cybersecurity strategies as something they implement once and then forget about for the medium term. Failing to keep up with the latest developments, as well as not keeping your solutions up to date, can be a fatal mistake.
An example of this can be found in old versions of the Microsoft Office suite, which remains a main target for attackers. Kaspersky found that in Q2 2022, vulnerabilities in old Office versions accounted for 82% of all exploits across different platforms. For many businesses, Microsoft Office is essential for maintaining high productivity and efficiency levels, ranging from simply creating content and keeping daily track of data to serving as the central point of all in-house communications and cloud storage.
This shows the danger of thinking about security once instead of baking it into your systems and processes. Solutions like Microsoft 365 mean businesses aren’t vulnerable to outdated software, and don’t have to rely on manual updates. Software as a service offers automated system updates as well as enterprise-grade support that businesses can rely on in the event of uncertainty or anomalies. It also serves as an investment that adds real value above and beyond productivity levels. It is an asset that remains both secure and reliable going into the future.
Take it to the cloud
Businesses are being encouraged to adopt cloud computing solutions as they present new opportunities for data handling and management, and scaling interconnected systems. Gartner estimates that enterprise IT spending on public cloud computing will overtake spending on traditional IT solutions by 2025; a trend that has greatly accelerated over the last two years. To that end, many organisations that incorporate cloud-based tools will find these systems come equipped with the necessary cybersecurity measures and protections already in place.
Cloud computing comes with stringent security measures. Hosted security solutions that are based on network function virtualisation (NVF) technology offer firewalls and security services that can be managed remotely – made even easier with the help of trusted vendors who make it their business to protect your data and operations. And like with traditional computing, DDoS protection can be cloud based and comes fully optimised with the network in question.
Adopting cloud-based security solutions is a go-to step as many solutions are pre-configured and easy to implement. For example, endpoint protection lets businesses have anti-virus and firewall protection on their devices and prevents malware, zero-day exploits, and web-based attacks from compromising essential hardware.
All these measures and more highlight the benefits of a cloud-first approach, complementing its scalability and reliability – elements that are essential for Africa’s digital transformation. By thinking hard about what you want your systems to do, combined with the best ways to secure them, businesses can begin to make future-fit decisions and invest in IT the right way.