Social media giant, Facebook’s CEO recently made chilling revelations to the US Congress that his company’s data was illegally ‘harvested’. Lax individuals and businesses in Botswana must be wary on cyber security issues. It could happen to you!
Fidelis Mnkandla, a security specialist in IT-IQ Botswana, gives a robust insight on what organizations and employees can do to combat cyber-attacks.
BOTSWANA’S BUSINESSES AWARE!
The internet has been referred to as the great equalizer, there is no third world on the internet and in fact that’s precisely what some hackers use to target computer systems in developing countries.
Batswana may have a false sense of security that no one cares about their systems. We are not immune. Cyber-attacks, in Botswana or anywhere in the world means loss of business or revenue. You do not need to be a large corporation or have fancy software and applications to be at risk.
The simple task of accessing emails and the internet could lead to loss of critical data, access to personal information and corporate funds, a breach of customer data or ransomware attack. All these could cripple an organization.
HOW MUCH SHOULD YOU WORRY ABOUT IT?
You should be very concerned and highly alert. A 2018 Symantec threat report says the average user both in large enterprises and small businesses was targeted by a similar number of viruses during 2017(10 and 9 respectively). South Africa is rated #9 in the world for countries that had the highest email malware rate in 2017, with 1 in 233 emails received in South Africa blocked as malicious.
- Firstly, know what you have so you can protect it. This includes data critical to your business and an inventory of hardware and software, what version of software and firmware you have as well as who has access to information in your organization.
- Conduct an awareness of the threats that are out there and the different ways an attack can be instituted against your systems. This should allow for the formulation of a commensurate level of protection that matches the value and critically of your information assets.
- As a bare minimum, protect yourself with some basic elements such as strong authentication into your systems/network, maintain up-to-date software, back up your critical data and enforce a computer use policy for what employees can access and download onto their machines and the network.
- It is critical to have the tools in place to detect and mitigate against an attack and these tools should be positioned appropriately.Some of these protect the network from external threats known as a network firewall, others may protect the individual machines and they are commonly known as endpoint protection.Other type of tools are the ones that will detect, alert and drop any suspected anomalies in the computing environment, also known as Intrusion Prevention Systems (IPS/IDS). Think of it like an alarm for your Network/IT System.
- Finally, prepare a response plan in terms of what to do in the event of a cyberattack and how you can restore operations to normal as quickly as possible.