South Africa is a particularly attractive proposition for cybercriminals. The global Cyber Exposure Index ranks South Africa third on the list of most-targeted countries for cyber attacks.
Heino Gevers is customer success director at Mimecast
Small businesses are not immune to this - far from it: one global study suggests that 58% of all breach victims were categorised as small businesses. And without access to the same skills and technologies as larger enterprises, small businesses remain vulnerable to attacks and often lack appropriate response and resilience capabilities that can restore normal operations in the aftermath of a successful cyber attack.
Window of opportunity
Thanks to supportive legislation regarding enterprise development in South Africa, many SMEs are access points into far larger (and potentially more lucrative) supply chains. This means an SME may not be a cybercriminal's ultimate choice of target, but a successful breach could expose larger organisations to attacks and leave the SME as collateral damage. The effects could be catastrophic in a country where 70% of SMEs fail within the first two years. Although no accurate data exists locally, government data in the US found that 60% of SMEs never recover from a successful cyber attack and close doors within six months.
Further compounding the risk for SMEs is legislation such as Europe's General Data Protection Regulation (GDPR) which threatens fines of as much as R300m should a European Union citizen's personal data be compromised due to ineffective data protection.
The South African Protection of Personal Information Act (POPIA) will also put the responsibility for the protection of personal data squarely on the shoulders of businesses - and SMEs are not exempt.
In the event of a data breach, SMEs face a dual risk as the cost of recovery is possibly matched by the hefty fines imposed by the South African and EU governments, not to mention the reputational damage that may result.
A cyber resilience strategy for SMEs
Consider that 91% of all hacking attempts are initiated via email: all it takes is one employee clicking on a malicious link, opening a compromised attachment or sending sensitive information to an imposter, and the business is left exposed to significant cyber risk. Small businesses are not left entirely defenceless in this regard.
In a landscape where cybercrime is on the rise, insurers and advisors have an added duty of care to protect their clients' data, be it the personal information of a single individual, or the highly sensitive data of a large corporation...
Cyber resilience for email has emerged as a go-to strategy for businesses large and small in the fight against cyber attacks. Modern solutions that secure email are available to businesses of all sizes.
The right solution should offer comprehensive protection against malware, spam, phishing and targeted threats like impersonation attacks and spear-phishing, while also simplifying and streamlining email management. Cloud-based security solutions allow SMEs to boost their cyber security by accessing security services they would not normally be able to afford.
Effective cybersecurity awareness training adds another layer of prevention to SMEs who may lack the funds to invest in top in-house cybersecurity skills. By empowering employees with the right training to identify and act upon potential cyber threats, SMEs create a human firewall around their critical business data.
The PwC 2018 Global Economic Crime Survey ranks cybercrime as the second most frequently reported type of fraud and identifies it as the most disruptive and serious economic crime expected to impact organisations in the next two years.
LEGAL DISCLAIMER: This Message Board accepts no liability of legal consequences that arise from the Message Boards (e.g. defamation, slander, or other such crimes). All posted messages are the sole property of their respective authors. The maintainer does retain the right to remove any message posts for whatever reasons. People that post messages to this forum are not to libel/slander nor in any other way depict a company, entity, individual(s), or service in a false light; should they do so, the legal consequences are theirs alone. Bizcommunity.com will disclose authors' IP addresses to authorities if compelled to do so by a court of law.