How business owners can leverage cybersecurity hacks from South Africa

Because we have no other option, South Africans have grown accustomed to dealing with crime. Various sources rank South Africa near the top of lists of countries with the highest crime rates in the world.

If you are a South African or live in South Africa, you most likely take a variety of precautions at home, work, and play to avoid becoming a victim of crime.

Criminals can and do strike at any time and in any place, as we all know. Rather than doing nothing, we change our behavior to reduce or eliminate our risk of becoming a victim of crime.

Criminals can and do strike at any time and in any place, as we all know. Rather than doing nothing, we change our behavior to reduce or eliminate our risk of becoming a victim of crime. From physical measures like burglar bars and electric fences to behavioral changes like not leaving doors unlocked to intruders and being aware of our surroundings when out and about, to security measures like locking our valuables away at home or using professional services like bank safety deposit boxes.

These lived experiences have provided us with relevant lessons from everyday life that can be applied to a category of crime that is expected to increase by 50% by 2021: cybercrime.

Victim-blaming isn’t one of them, despite the fact that it appears to be the first port of call when a business is hacked and held hostage by cybercriminals. When high-profile breaches and ransomware attacks make global headlines, the public’s reaction is frequently uncompromising.

This is most likely due to the significant reputational damage that a data breach or ransomware attack can cause a company. If a breach of security results in the exposure of customer data, the consequences can be disastrous, as savvy consumers who lose faith in the affected organization’s ability to protect their data take their business elsewhere.

Business clients will be no less demanding if firms cannot demonstrate the safeguards they’ve put in place to keep sensitive data secure.

So, what can companies do?

There is little international cooperation to combat it. “International and intercontinental cooperation is the only way to create an environment where the risks are greater than the rewards for cyber-attackers,” wrote Dave Russell, VP, Enterprise Strategy at Veeam, recently. During the pandemic, the scourge of ransomware accelerated, increasing the desire of government and business leaders to break the geopolitical impasse that has allowed cybercriminals to run riot. But it will not be easy, and a workable holistic solution will take years.”

What can we learn from how South African society has responded to our exceptionally high crime rate? We rely on our human instincts to protect ourselves in our homes, and when we are out and about, we make clear plans for managing our safety, and we attend venues that are guarded by professionally trained security personnel who monitor and respond to emergency situations.

Every organization should follow suit. There can be no discussion of the internet or digital strategy without mentioning cyber security. It must be top of mind at all times, and it requires buy-in from the entire organization, not just the IT department.

Every company should have someone in charge of security strategy and response, and this person should not only have access to the leadership team, but should ideally be a member of it.

Employee education and awareness are non-negotiable. Initiatives should be ongoing, and organizations should consider penetration testing and developing their own dummy attacks – in which a member of staff who falls victim to the exercise is not shunned, but rather used as constructive training.

While it is natural for any business to do whatever it takes to avoid a disaster, paying a ransom should never be an option. To paraphrase Dave Russell once more:

“Paying cybercriminals to get systems back online is a short-term defense strategy.” As governments become more active in preventing the spread of ransomware, businesses that do so may be investigated and sanctioned by independent regulators.”

While it is critical that governments and stakeholders around the world collaborate to accelerate measures that raise the stakes for cybercriminals, individual businesses must also do everything in their power to protect themselves from attack. This necessitates a comprehensive Modern Data Protection strategy that combines effective front-line cybersecurity defenses with a comprehensive data management, backup, and disaster recovery approach.