Zimbabwe officials mull over data rollover as costs rise

Data rollover
in Zim?
  
Consumers bear brunt
of economic hardship.

Sunday, Jun 16th

Staff buy-in critical for effective corporate cyber security

Staff buy-in critical for effective corporate cyber security

In 2018, 26% of young adults committed suicide globally as a result of cyber bullying, and 945 data breaches led to 45 billion records being compromised in the ongoing cyber crime challenge.

These statistics emerged from a panel discussion how do you increase user awareness and keep your workforce 'cyberfit', hosted this week at the ITWeb Security Summit 2019 in Sandton, Johannesburg.

Amid growing cyber threats, ever-present dangers on the dark web and exponential use of the internet over the past decade (over three billion emails are sent globally every day), experts warn of a substantial increase in cyber attacks.

"Each year companies fall victim to data theft, industrial espionage and sabotage, their very existence is in jeopardy," said Jenny Mohanlall, chief executive officer of RITS-SA.

Against this background, the panel tackled the issue of user awareness and creating a 'cyberfit' workforce.

They began the discussion with a focus on the development and implementation of an effective phising program to test the readiness of staff to identify and deal with phising attacks.

Mdu Zakwe, CEO, MICT SETA, said it is important to understand user behaviour and the different views of the World Wide Web that makes up the organisation's landscape. He said the various silos in business, including HR and finance, face different risks and threats.

"There is no 'one-size-fits all' with a phising programme. Once you understand that everyone needs to learn and attend to the risk that they face, it is very easy to tailor-make a phising programme that would suit the entire organisation ... but that is step number one."

He stressed the need to educate the workforce about IT security policies, assess the level of understanding and accurately measure any change in behaviour.

The security culture of a business and its influence on effective protection was raised in the discussion.

It is important not to create a culture of fear and reprisal, and rather focus on a security culture that is based on trust.

"You need to build a trust relationship and the way to do that is to instil a company culture of trust with cyber security... you cannot instil a cyber culture in a person if the company doesn't have it," said Kobus Pienaar, CIO, Vedanta Zinc International.

Julian Ramiah, Group Chief Information Security Officer, Liberty Holdings, said when it comes to risk management and IT security awareness, "we are doing this very textbook, we are doing this without taking people on a journey."

Ramiah criticised the industry for fuelling complexity and the way it communicates issues and engages with people. "As much as we are part of the community, the client and the solution, we are also making this problem bigger than we ought to."

ALSO ON ITWEB AFRICA

Vodcom Lesotho confirms M-Pesa banking deal Published on 20 May 2019

Operator partners with Standard Lesotho Bank to enable real-time transfer of funds.

Kenyan consortium launches mobile banking app Published on 22 May 2019

Mobile loan product Stawi introduced, backed by Central Bank of Kenya.

NEC XON's Saunders will discuss the 'perfect storm' brewing at ID4Africa Published on 13 June 2019

Grahame Saunders, who heads up NEC XON's identity management portfolio, will speak at ID4Africa about how advances in biometrics and mobility have changed the identification opportunities for more than a billion Africans.