Ensuring your company\u2019s cyber hygiene is up to high standards is essential to keeping staff, customers, and information safe.<\/p>\n
This is according to\u00a0Darshan Lakha, Vodacom Group chief technology security officer \u2013 cyber security.<\/p>\n
Lakha was speaking at the 2018 MyBroadband CyberSec Conference, hosted in partnership with Vodacom, and touched on the key cybersecurity challenges businesses face.<\/p>\n
In general, cybersecurity systems are a critical aspect companies must have in place \u2013 but in the telecommunications space, the importance of solid systems, and the associated challenges, is even more profound.<\/p>\n
Cyber hygiene<\/strong><\/p>\n Lakha said that to put a good cybersecurity plan in place, you first need to identify the prominent pillars of the threat landscape.<\/p>\n One of the prominent pillars is \u201csupplier and geopolitics\u201d which involves\u00a0governments not trusting each other \u2013 such as the US government not trusting the Chinese government.<\/p>\n Hardware and software suppliers from these countries are affected by this distrust, with manufacturers from China shunned by US government departments, and vice versa, said Lakha.<\/p>\n Cloud breaches, criminal APTs, crypto jacking, aggression from nation states, software vulnerabilities, and supply chain compromises are other important factors cybersecurity experts must take into account when building an online defence.<\/p>\n The responsibility of running this defence does not lay at the feet of the IT department alone, however, and is a job for the organisation as a whole.<\/p>\n This can start with something as simple as ensuring all employees have strong passwords on their connected devices and online accounts \u2013 work and personal.<\/p>\n Best security practices \u2013 such as 2FA and privileged account management \u2013 must also be implemented, along with constant security monitoring and a strong response plan in place for a threat against a company employee or department.<\/p>\n Employee cyber hygiene must then be augmented by the company identifying its critical assets, knowing their place in the business, and understanding what information they contain.<\/p>\n Funding<\/strong><\/p>\n Making matters more difficult is that all of this must take place while ensuring top-level management or the company\u2019s board\u00a0are aware of what is being done, how it works, and what is needed to keep security threats at bay.<\/p>\n This includes the need for increasing cybersecurity budgets.<\/p>\n Lakha said it is a challenge for an IT department to keep going back to a company\u2019s board and asking for investments, but it is a necessity to keep systems safe from future attacks.<\/p>\n He said big organisations like Vodacom can face thousands of cyber attacks per day, and a future-proof strategy \u2013 which is well funded \u2013 is needed to keep them safe.<\/p>\n
\n