Cybercrime is the fourth most reported economic crime in South Africa. The local economy is reportedly losing as much as R1 billion annually due to online criminal activities. According to the recently launched Cisco Midyear Cybersecurity Report 2017, revenue generation remains the number one objective of attackers. The Cybercrimes and Cybersecurity Bill of 2017 has been introduced with the aim of providing South Africa a coordinated approach to fighting cybercrime.
Cyber threats are growing in sophistication both locally and globally. This was evident with ‘Wanna-Cry’ and ‘Nyetya/ Petya’ attacks. It is becoming more and more evident that the aim is no longer just to attack for monetary gain, it’s also a social protest in some instances with the aim to destroy in a way that prevents defenders from restoring systems and data.
Although no industry’s safe, this year’s Midyear Cybersecurity report offers in-depth analysis of key security concerns for eight industries in South Africa and globally:
Manufacturing: A key industry for the country’s recently announced industrial transformation and economic growth plan. Manufacturers are adding connected devices to outdated machines, security professionals are raising concerns that attackers may find the combination ripe for exploitation. Vulnerable systems could lead to factory floor downtime.
Finance: Technology has been at the core of the five big banks in South Africa and the rest of the financial services sector, with growth in the use of mobile changing the way consumers and suppliers are opting to manage their finances. Malware attacks designed specifically to compromise financial services networks remain a concern. Cybersecurity measures are critical in finance in order to comply with data governance and regulation such as the Protection of Personal Information Act 4 of 2013 and the Financial Intelligence Centre Act, as amended.
Healthcare: 37% of healthcare organisations worldwide said that targeted attacks are high-security risks to their organisations. Targeted cyber-attacks have also become more worrisome than breaches involving lost or stolen hardware, demanding a more precise approach to detecting and mitigating threats.
Public Sector: The transition to the cloud presents challenges to a public sector that constantly needs to maintain consistent protection against cyber-threats. One-third of public sector organisations globally said that targeted attacks, advanced persistant threats (APTs), and insider exfiltration are high security risks. In addition, public sector security professionals said that public cloud storage and cloud infrastructure are the most challenging elements to defend against attacks.
Retail: Retail security professionals said targeted attacks (38%) and insider exfiltration (32%) pose the highest security risks to their organisations. They are right to be concerned – often, attacks begin inside an organisation.
Service Providers: Service providers have myriad challenges, such as protecting their IT and production infrastructure as well as their customers’ data. 59% of the service provider security professionals globally said their top priority is securing their own data centers or core production networks so as to reduce the risk of attackers interrupting their core business – providing service to customers.
Transportation: More than a third of transportation security professionals said that advanced persistent threats (APTs) and the proliferation of BYOD and smart devices were high security risks to their organisations. In addition, 59% of the security professionals said that cloud infrastructure and mobile devices are among the most challenging risks to defend against attacks.
Utilities: Security professionals said targeted attacks (42%) and advanced persistent threats or APTs, at 40%, were the most critical security risks to their organisations. In addition, they cited mobile devices, user behavior, public cloud storage, and customer data as the top challenges to their defender strategies.
The report provides recommendations on how these industries can improve their security posture, including using services to bridge knowledge and talent gaps, reducing complexity in their IT environment, and embracing automation.
The information for this material comes from the Cisco 2017 Security Capabilities Benchmark Study in which 3,000 chief information security officers and other security leaders were surveyed. Thirteen countries are represented in the study, but just as no industry is secure no country is considered safe. Malware traffic is a global problem.
The tug-of-war between Attackers and Defenders - Reducing Time to Detection:
On a positive note, against more familiar attacks, defenders are continuing to reduce time to detection (TTD), constraining the time and space that adversaries have to operate. This is forcing bad actors to innovate quickly. In examining Cisco’s median TTD, it’s been trending downward from a little more than 39 hours in 2015 to about 3.5 hours for the period from November 2016 to May 2017.
Cybersecurity Global Skill Shortage:
Development of digital skills is paramount to the region’s transformation, in addition cybersecurity skills must evolve which is why Cisco South Africa recently launched a Cybersecurity Experience Centre and Academy – the first of its kind to educate and fast track the skills needed to deal with the growing global challenge of cybersecurity.
For almost a decade, Cisco’s published comprehensive cybersecurity reports to support and keep organizations informed about the latest cyber threats and vulnerabilities and to provide steps to improve security and cyber-resiliency.
Download the Mid-Year Cybersecurity report to learn more about major additional findings, latest threats and what Cisco recommends organisations should do to protect themselves.
In addition, you may also register for a complimentary webinar taking place on Thursday, September 14, 2017, for a more indepth look into the findings and suggested solutions.