Cyberattacks on South African companies: what you need to do

South Africa is a hotbed for cybercrime. According to INTERPOL's Africa Cyberthreat Assessment Report back in 2022, a total of 230 million cyber threats had been detected within our borders. It is logical to assume that this number has risen since then. In the face of the ongoing barrage of email-based attacks, malware attacks, WhatsApp scams and more, every company needs to be hypervigilant. 3Cube Property Solutions provides a breakdown of the strategies you need to keep your business and its data safe.

Why is South Africa particularly hard-hit?

Many of the reasons for South Africa's weak cyber defence systems are linked to poverty and the socioeconomic divide. The low employment rate, coupled with poor education, leaves many of our citizens uninformed and vulnerable. The rapid transition to remote working brought about by the pandemic exacerbated the situation. Additionally, cybercrime legislation and training for law enforcement professionals in South Africa lag behind other parts of the world. The rapid advancement of AI and machine learning over the past two years inflames the problem further.

Rethinking your business's approach to cybersecurity

One thing is clear: the need for businesses to be vigilant has never been greater. We've put together a list of five strategies and best practices that businesses should follow.

Strategy 1: Build trust

It is imperative that employees feel that they can trust the company's IT professionals and management team. Time is of the essence in any data breach and if a team member is worried about reprisals, they will be reticent to speak up.

Strategy 2: Introduce a company-wide scepticism

Scepticism and business culture are words that seldom go in the same sentence, but a healthy scepticism can save your business from harm. People must be taught to question everything - from emails to videos - and to understand that in the era of AI and deepfakes, all is often not as it appears to be.

Strategy 3: Provide necessary training

Companies need to put security training at the forefront of their agenda - and the training offered should be tailored to their specific work environment. For example, consider a financial services company that handles sensitive client data and regularly processes high-value transactions. Due to the nature of their work, one of the biggest security risks is scammers gaining unauthorised access to client accounts. In this case, a robust tailored security training programme could include the following:

• Simulated phishing attacks that help employees recognise and respond appropriately to suspicious emails.
• Scenario-based training focusing on red flags for fraud.
• Regular updates when new threats emerge.

Strategy 4: Adopt zero-trust models

As the name implies, a zero-trust model is a scenario in which all users - both inside and outside of the network - are continuously verified before being granted access. By following the mantra of "never trust, always verify", you assume that no user, device or application should be trusted by default. Think of your IT security like airport security. Every single passenger needs to show their ID and boarding pass before boarding every flight.

Strategy 5: Monitor for threats in real time

There are various tools and techniques available to monitor your systems and detect breaches that initially go unreported. As explained by Microsoft, security information and event management (SIEM) is a solution that empowers companies to detect, analyse and respond to security threats before they harm business operations.

Another valuable tool in your arsenal is endpoint detection and response (EDR), which monitors endpoints (laptops, desktops and servers) for malicious activity. Some of these solutions offer automated responses such as isolating infected machines.

To keep your business safe, you need a robust cybersecurity policy. You also need the right premises. If you need advice about finding industrial, commercial or retail real estate in Gauteng or the Western Cape, reach out to the 3Cube Property Solutions team.