In the wake of increasing and complex cyber-criminal activity, security is a leading priority for CIOs in businesses and governments – this according to Dr Khomotso Kganyago, chief security advisor for Microsoft SA.
It follows the R42 million cyber heist on the Post Bank, a member of the Post Office Group on New Year’s Day.
In an interview with BusinessTech, Kganyago said that the battle with cyber-criminals is an ongoing one as the IT penetration and dependencies increase, “but if anything, the good guys are starting to win the crucial battles”.
He said that, as someone who has worked in IT security in the public sector space until recently, government takes security very seriously.
“Security is probably the top priority for most CIOs in businesses and governments across the world right now, and we’re seeing a huge amount of investment and activity in this space as they look to secure their data and critical information.”
The security expert stresses that cyber-attacks have moved from ‘cool’ to ‘cash’.
“We’ve seen the nature of online threats shift from software-driven to social. Opportunistic threats have been supplemented by attacks that are more persistent and, in many cases, far more worrisome.
“What marks these attacks is that rather than “smash and grab, they lay low and steal slow.”
Kganyago notes that although some of these attacks are sophisticated, many are not; rather, the attack vectors are often traditional and unsophisticated.
He cautions that ‘the insider’ is one of the most disturbing threats whose potential damage is always very high.
“Fact is, most common computer threats can be mitigated through good security best practices – our most recent Security Intelligence Report showed that 90% of infections that were attributed to vulnerability exploitation had a security update available from the software vendor for more than a year.
Kganyago points to a collaborative effort as a potential solution to preventing further criminal activity. “We have also seen in some countries that the rising Cybersecurity threats are pushing big banks to share information with one another.
“A lesson to learn and implement in our country quickly – and these should be supplemented by a continued collaboration between industry, governments and individuals to create a safer, more trusted computing experience for everyone,” he concluded.