Loading...
News Updates:



Cybersecurity Awareness Month: If you own a business, you need cyber insurance

Cybersecurity Awareness Month: If you own a business, you need cyber insurance
13-10-23 / Sisanda Ndlovu

Cybersecurity Awareness Month: If you own a business, you need cyber insurance

Johannesburg - Those in the information security sector have long held the opinion that it’s not a matter of whether a company is going to experience a cybersecurity incident, but when. Cybercrime has become one of the biggest risks to business survival for South Africa’s SMME sector – Interpol estimates that 90% of African businesses are operating without the necessary cybersecurity protocols in place, putting themselves and their clients at risk of massive financial and reputational losses.

To get a better understanding of the current  IT network vulnerabilities and whether South African firms are battening down the hatches, commercial partner at King Price Insurance George Parrott unpacks the risks.

“Businesses, especially in the SME sector, are more prone to attacks as what they spend on firewalls and security solutions just can’t match the tools that cybercriminals have at their disposal. Some business owners may mistakenly think that, because they store their sensitive data in the cloud, the cloud platform operator is responsible for that data, but that isn’t the case,” says Parrott.

This Cybersecurity Awareness Month, Parrott shares four tips and highlights the importance of being proactive to ensure that the correct processes and protection are in place.

Educate your people

In the world of cybersecurity, people are the weakest link. You can have all the security and firewalls in the world, but they count for nothing if one employee clicks on a dodgy link in an SMS or an email. “I can’t stress how important it is to not only have a strong remote working security policy, but also to constantly keep security top of mind with every single employee,” says Parrott. It’s important to constantly create cybersecurity awareness among ýour employees and also to do training around what to look out for.

Keep the crown jewels safe

It’s important to get the security basics in place: A firewall, enterprise-level anti-virus software, and regular data back-ups. Businesses must also be able to control who can access their information. This means ensuring robust verification of everyone who wants to access company systems and networks, and keeping a log of who accesses the system and when. Something else to consider is having some form of cyber insurance in place, to help cover your business in case it becomes a victim of cybercrime despite all efforts to prevent this from happening.

Use a VPN

If your people work remotely or use their personal devices for work, virtual private networks (VPNs) are a critical tool. A VPN provides a secure, reliable connection to your company’s computer systems, even if your people are logging on from public Wi-Fi, says Parrott. All your internet traffic is then routed through an encrypted virtual ‘tunnel’ that is secure and private.

Get those updates done

When your device is in the office and connected to the company network, security updates are installed automatically. Away from the office, it’s the ‘Wild West, with many remote employees either postponing or altogether avoiding installing updates. “You’ve got to make it as easy as possible for your people to stay updated, otherwise you’re putting yourself at risk,” says Parrott.

The risks are immense: A cyberattack can literally put a small- to mid-sized company out of business. The IBM annual Cost of a Data Breach Report shows that breaches have cost local companies an average of over R49 million each, yet many businesses still ignore the threat.

“This highlights the need for continuous training of employees but, even here, training can only go so far. The fact is that cybercriminals are constantly improving their methods of attack and compromise through the use of emerging and ever-evolving technologies,” says Parrott.

Good password hygiene, multi-factor authentication, training, back-ups, awareness, and cyber insurance can all help to mitigate the impact of a cyberattack and these days it’s best to make use of as many of these tools as possible.

“Don’t wait for an attack to happen before you take action because, for all you know, that attack is happening right now,” says Parrott.

Leave a Comment