How to Prepare for Cyber Challenges in 2024
Date: January 2023
By: Ayanda Khumalo, Product Marketing Manager (ESET and Acronis)
We live in a digital world, where the internet has become an integral part of our professional lives. This world offers many opportunities and benefits for individuals and organisations, it has simplified the way we work allowing us to work smarter. We can enjoy the luxury of working from anywhere, collaborate with global teams, and access a wealth of information and resources. However, the digital world also comes with many challenges and risks.
Cyberattacks are becoming more frequent, sophisticated, and damaging, targeting both individuals and organisations. The blurring of personal and professional boundaries online, especially for those working remotely or in hybrid settings, makes it harder to protect data and devices from malicious actors. This is why enhancing security measures and awareness is crucial for navigating the digital landscape with confidence.
The Human Element: A Key Factor
One of the key factors that influence the cybersecurity landscape is the human element. According to Verizon, 74% of global breaches involved some form of human error or negligence. This could be anything from clicking on a phishing link, using a weak password, or sharing sensitive information on social media.
These mistakes can have serious consequences, such as financial losses, identity theft, or reputational damage. To prevent these outcomes, security training and awareness programs are essential for all employees.
However, these programs should not be limited to one-time sessions. They should aim to create lasting behavioural changes through continuous, engaging, and interactive initiatives. Using simulations and gamification techniques can help reinforce these essential lessons and build a more resilient workforce.
The Focus Areas: What to Expect in 2024
Now that we are in 2024, South African organisations need to plan for their security awareness programs in the coming year. Based on the current and emerging trends, some focus areas stand out as priorities.
One of them is Business Email Compromise (BEC) and Phishing, which are among the most lucrative and damaging cyberattacks for South African victims.
These attacks involve impersonating legitimate entities or individuals and tricking the recipients into divulging information, transferring funds, or downloading malware.
To combat these threats, organisations need to invest in robust email security solutions and conduct adaptive phishing awareness exercises that can keep up with the evolving tactics of the attackers. These include smishing, vishing, and MFA bypass.
Another focus area is securing devices and data in remote and hybrid work environments. Employees need to understand the risks associated with public Wi-Fi and man-in-the-middle attacks, and how to protect their laptops, passwords, and authorised devices.
Training sessions should also remind them of the dangers of shoulder surfing and how to prevent unauthorized access to their screens. Furthermore, compliance with data protection regulations, such as GDPR, is imperative to avoid hefty fines and reputational damage.
Organisations need to train their employees on encryption, incident reporting, and social media confidentiality, and provide them with technical support and tools. They should also address common mistakes, such as forgetting to use blind carbon copy (BCC) when sending mass emails, and how to avoid them. This will help create a culture of comprehensive data protection.
The Future: How to Achieve Resilience
Security training and awareness programs are indispensable for South African organisations, but they are not effective in isolation.
They need to be aligned with robust security policies and controls that cover all aspects of people, processes, and technology.
Only then can organisations build a more resilient cyber culture that can withstand the challenges of the digital age. By adopting proactive measures and fostering a culture of vigilance, South African professionals can work together to strengthen their defences and navigate the digital world with confidence.