Vodacom on the importance of a cybersecurity plan
Ensuring your company’s cyber hygiene is up to high standards is essential to keeping staff, customers, and information safe.
This is according to Darshan Lakha, Vodacom Group chief technology security officer – cyber security.
Lakha was speaking at the 2018 MyBroadband CyberSec Conference, hosted in partnership with Vodacom, and touched on the key cybersecurity challenges businesses face.
In general, cybersecurity systems are a critical aspect companies must have in place – but in the telecommunications space, the importance of solid systems, and the associated challenges, is even more profound.
Cyber hygiene
Lakha said that to put a good cybersecurity plan in place, you first need to identify the prominent pillars of the threat landscape.
One of the prominent pillars is “supplier and geopolitics” which involves governments not trusting each other – such as the US government not trusting the Chinese government.
Hardware and software suppliers from these countries are affected by this distrust, with manufacturers from China shunned by US government departments, and vice versa, said Lakha.
Cloud breaches, criminal APTs, crypto jacking, aggression from nation states, software vulnerabilities, and supply chain compromises are other important factors cybersecurity experts must take into account when building an online defence.
The responsibility of running this defence does not lay at the feet of the IT department alone, however, and is a job for the organisation as a whole.
This can start with something as simple as ensuring all employees have strong passwords on their connected devices and online accounts – work and personal.
Best security practices – such as 2FA and privileged account management – must also be implemented, along with constant security monitoring and a strong response plan in place for a threat against a company employee or department.
Employee cyber hygiene must then be augmented by the company identifying its critical assets, knowing their place in the business, and understanding what information they contain.
Funding
Making matters more difficult is that all of this must take place while ensuring top-level management or the company’s board are aware of what is being done, how it works, and what is needed to keep security threats at bay.
This includes the need for increasing cybersecurity budgets.
Lakha said it is a challenge for an IT department to keep going back to a company’s board and asking for investments, but it is a necessity to keep systems safe from future attacks.
He said big organisations like Vodacom can face thousands of cyber attacks per day, and a future-proof strategy – which is well funded – is needed to keep them safe.
Read: Vodacom forks over R1.25 million settlement in privacy violation case
Loading ...