IconAccounting & Tax
IconAppraisers & Valuers
IconArbitration Services
IconAssessors & Loss Adjusters
IconAssist and Lifestyle Benefits
IconAssociations & Institutes
IconBBBEE Consulting and Verification Agencies
IconBroker Acquisition Financing
IconBrokers for Brokers
IconBusiness Process Management
IconBusiness Process Outsourcing
IconCall Centre Outsourcing & Sales
IconCompany Secretarial Services
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconDebit Order Collection Facilities
IconDefensive Driver Training
IconEducation and Training
IconEmergency Medical Rescue
IconFire, Storm, Flood Damage Specialists
IconForensic Investigation Services
IconHuman Resources
IconIndustrial Cleaners
IconInformation Technology and Software Partners
IconInsurance Companies
IconLightning Damage & Surge Protection Specialists
IconNiche Insurance Products
IconOutbound Sales
IconOutsourcing Companies
IconPolicy Administration
IconPremium Financing
IconPublic Loss Adjustors
IconRating Agencies
IconReference Books & Material
IconRegulatory Authorities
IconRisk Finance
IconRisk Management
IconRisk Surveyors
IconSalvage Operators
IconSpecialized Claims Investigations & Assessing
IconSurveys and Research
IconTraining Courses & Workshops
IconUnderwriting Managers
IconVehicle Accident Management
IconVehicle and Household Risk Inspection Services
IconVehicle Tracking
IconWellness Programs
IconWholesale Brokers
  Subscribe To »

Hacking South African companies takes less than one minute







By Mikko Miemela, CEO

When it comes to securing a business against cyber threats, the talk, money and focus seems to be on internal networks, systems and virtually everything inside the organization. Antivirus software, firewalls and intrusion and fraud detection are often discussed with executives who are responsible for looking after their businesses. But when I asked, ‘How many passwords have already been leaked?’ and, ‘Is someone targeting your organization? Is your information for sale?’ I was met with blank stares from the company executives. Indeed, the external world isn’t considered in many business agendas.

The basic principle of cyberspace is that if you don’t know what you have, you can’t secure it. When it comes to ICT assets and systems, most companies seem to understand what they have on their premises. But nobody knows what’s outside. During discussions, no single company was using only their internal systems; everyone was relying heavily on external vendors, supply chains and cloud providers. And the future brings even more interdependencies – almost everyone has a plan to cut their own assets.

While reducing the number of systems on one’s own premises makes defending them easier and cheaper, the role of the known unknown – the external world – grows exponentially. Probability for an external data breach, exposed credentials, sensitive information disclosure or an actual data breach grows, and for self-centric organizations, there are no direct ways to reduce these risks. When we can’t control everything, the question is: ‘What can we do?’

Exploring cyberspace is like walking the streets – and South Africans are very streetwise. You need to know who to trust and which route to take in order to stay safe. The next thing is to get cyber-wise: choose smart passwords, avoid online scams and pick reliable service providers. The good news is that cyber awareness training is cheap and effective compared to technology investments. The bad news is that anyone who isn’t trained will act against you unintentionally! That means time is money.

Another thing is to understand your organization’s current and past exposure. What has been leaked already? Are hacker groups targeting you? Where is leaked information coming from, and whose passwords have been compromised? This is a starting point, but it’s the most valuable security measure you can have when going asset light. Get your exposure assessed (and preferably monitored) at a pace you can handle.

Just to give a ballpark figure: The top 100 Johannesburg Stock Exchange companies have over 1,000 active usernames and passwords available – EACH. Those credentials provide instant hassle-free access to the organization without anybody asking or noticing. So my recommendation is to find what’s out there already; mitigate any findings; and train your staff so that you have your entire team working with you – not against you.

Mikko S. Niemelä is President and CEO of Singapore-based cyber intelligence agency Kinkayo, Chairman of cyberattack company Silverskin and author of Anatomy of a Cyberattack.
http://www.onalytica.com/blog/posts/cybersecurity-2015-top-100-influence... #39 of the TOP 100 cybersecurity. influencers

This article was first published in the Camargue Weathervane

Source: Camargue Underwriting Managers (Pty) Ltd
« Back to previous page Print this page » |

Breaking News »

Zimbabwe: So Long Robert Mugabe

By Coface, the international trade credit insurance company     On November 21st, after 37 years as Zimbabwe strongman Robert Mugabe, 93 years old, resigned from the presidency. Mr Mugabe’s ...
Read More »


Insurance industry ‘excited’ about InsurTech

By Caroline Theodosiou Norton Rose Fulbright South Africa Inc. Most insurance companies acknowledge that major change is coming and the insurance world is excited about the changes that InsurTech may ...
Read More »


African mine victims entitled to sue holding company in the UK

    Patrick Bracher, Director Norton Rose Fulbright South Africa Inc.       The English Court of Appeal has allowed Zambian citizens from the Copperbelt ...
Read More »


Germany: Going From “Jamaica” to Spain?

By Coface, the international trade credit insurance company   After about four weeks of intensive talks, the formation of a so called “Jamaica” coalition failed in Germany. The Liberal ...
Read More »


More News »


Healthcare »


Investment »


Life »


Retirement »


From The Glossary »


Variable life insurance policy:

A whole life insurance policy that provides a death benefit dependent on the insured's portfolio market value at the time of death. Typically the company invests premiums in common stocks, so variable life policies are referred to as equity-linked policies.
More Definitions »

By using this website you agree to the Terms of Use.
Copyright © Stoker Risk & ICT (Pty) Ltd 2004 - 2017.
All Rights Reserved.





Contact IG


Media Pack


RSS Feeds