Cyber threats, data privacy laws demand business resilience

Building cyber resilience has become a business imperative for businesses across industries that hold sensitive information, warns Craig Allen, principal security engineer at iOCO, a specialist technology solutions provider.

Allen, who is based in the United Kingdom, says the growing value of data and geopolitical conflict of 2022 has led to an increase in aggressive attacks on businesses and the public sector by hackers and disruptors and the cost of cyber insurance has grown dramatically.

In addition, legislation stipulating that data and software must be protected are increasingly being implemented and enforced around the world. According to the United Nations Conference on Trade and Development (UNCTAD), 137 countries have put legislation in place to protect data and privacy.

iOCO, an EOH company, urges businesses to protect themselves against new cyber threats that are continuously emerging on the horizon. Businesses must not merely build secure IT systems but constantly evaluate and defend their systems against changing risks and emerging threats, says Allen.

They hold sensitive data and therefore need to ensure that their organisations have adequate cyber resilience systems. “It is critical for all organisations to know and protect their data, because the value of data has grown significantly in recent years. Many organisations are not sufficiently aware of the data they have or where it is located within their businesses and should tackle this challenge.”

Rian van Greunen, managing director of iOCO Enterprise Application Management (EAM), says cyber-attacks are becoming more prevalent and sophisticated, with attackers using artificial intelligence to infiltrate businesses’ IT systems. This means that businesses need equally sophisticated solutions which apply machine learning and artificial intelligence to address current threats.

“Ransomware threats are constant and growing,” says Van Greunen. “The attackers are often paid actors who target the public and private sectors and seek to cripple organisations by locking in their machines with ransomware.

“The best approach is to have the right cyber resilience solutions in place which ensure that your data is encrypted and can’t be accessed if someone does obtain it. The second priority is to ensure that a business can continue to operate and can recover swiftly if an attack is carried out successfully.

“There are a series of structures and processes that must be put in place to defend against and recover from attacks. But the most important step is to continuously evaluate the security posture of a business to stay one step ahead of internal and external threats. Traditionally, businesses followed a strategy of evaluating their security postures on an annual basis, but this is no longer an effective approach.”

iOCO assists businesses in bolstering their cyber resilience by implementing solutions that allow them to automate functions such as the analysis of suspicious files for malware. It develops applications with automated build tools, which improves the security of software by performing security testing in a standardised way.

Van Greunen says in their experience, businesses often have multiple solutions in place to make their organisations secure. Regardless of the type of software, database, infrastructure, or cloud solutions a company uses, one view of the estate must be established and retained.

This approach helps businesses to identify anomalies in their systems that could be indicators of internal or external threats. “When the boundary of the system is continuously evaluated and the interior is monitored, a business can effectively defend itself against the latest threats.”

Van Greunen adds that cyber resilience providers stay ahead of evolving cyber threats by working together as an industry, ensuring that vendors have solutions in place that meet the high cyber security and resilience demands of businesses.

• iOCO was recognised for its cyber security capabilities when the company received the 2022 Partner of the Year Award by CyberRes, a Micro Focus group, for the second consecutive year. The award highlighted its cyber resilience strategy, implementation and support work across international markets.

ALSO READ: 5 deep tech trends to watch from SA entrepreneurs