There’s an old adage that prevention is always better than a cure. That’s no less true when it comes to cybersecurity – putting robust cyber security measures in place acts as a constant and intelligent guard against DDoS (Distributed Denial-of-Service) attacks
It’s estimated that in the last year alone, cybercriminals launched over nine million DDoS attacks, with around 4.4 million of these attacks occurring in the latter half of 2021. Businesses ignore these risks at their peril.
A recent Business Day Dialogues, in partnership with Liquid Intelligent Technologies, put the spotlight on cybersecurity is in an increasingly interconnected world including network protection and security, the training of employees and how to react to being hacked.
Tarquin Rohlandt, executive head of Connectivity and Services at Liquid Intelligent Technologies pointed out that DDoS attacks are a real and growing threat. In a nutshell they are malicious attempts to disrupt the normal traffic of a targeted organisation by overwhelming the target with a flood of internet traffic, making it dysfunctional, and unleashing security breaches such as malware, phishing and password attacks.
Criminals often look for ransom or other financial gain, but the motive for a cyber-attack can also range from employee revenge to political activism, he revealed. There are no barriers for entry to attack so every organisation is at risk: the challenge is to acknowledge the risk and plan to counter it, as these attacks not only have reputational and financial repercussions, but also repercussions for staff morale.
The remedy, continued Rohlandt, is to assess the whole organisation, including its internal and external network, with a consultant, who can advise on what protection is needed depending on the value of the data. Upstream providers share the costs of protection with their customer base, reducing the financial burden.
Unathi Mothiba, senior specialist group product manager at Liquid Intelligent Technologies added that security needs to be aimed at all kinds of attacks. Company executives and directors, who unfortunately often lack expertise, need to realise how much their brands stand to lose without cyber-security. Fear, uncertainty and doubt, he said, was the biggest obstacle.
However, security consultants with the right skills can help overcome this by obtaining buy-in at all levels of the organisation. Their process typically starts by assessing a company’s ability to protect, detect and respond to a cyber threat and then drafting a risk mitigation plan, with follow-up support.
His advice for a company under cyber-attack: respond quickly and bring in experts to mitigate the damage. Bear in mind, however, that advance-planning costs far less.
Ahmore Burger-Smidt, director of Werksmans Advisory Services at Werksmans Attorneys revealed that charges can only be brought against an attacker if they are identified and if damages can be proven against them, which requires good record-keeping.
Interpol has identified SA as the most targeted country in Africa – and sixth globally.
The biggest risk to any company is its employees, she said. Liberty lost 5% of its share price in 2018 after a data breach. In addition to suffering a financial and reputational loss it also suffered losses in customer retention and acquisition.
She pointed out that many company departments have a “not our problem” silo-mentality. However, everybody in the organisations needs to understand the risks and where to address the interventions. Employees need focused training that is individualised to their level and made interesting and relevant with examples, all emphasising the core cyber-security message to prevent anyone attacks.
Ideally, she said, cyber-security awareness should start at school level, as soon as a child receives their first device.
To re-watch this discussion please click here
Photo Credit: Pexels/Dan Nelson