Companies ought to change their approach to IT security

Amidst rapidly changing technological realm, opportunities and challenges that the technology provides has become elusive. We are at a crossroads as we move from a society already snarled with the internet to the coming age of automation, Big Data, and the Internet of Things (IoT).

Photo Credits

But as the society operates largely on technology, it may have gone too far in technology dependence. While it brings greater benefits, by the very nature of the opportunities it presents it becomes a focal point for cybercrime, industrial espionage, and cyberattacks.

The current digital business landscape sees many organisations face a myriad of evolving security threats. Based on experiences, companies today tend to spend 80% of their security budgets on trying to prevent security breaches, but only 20% on predicting, detecting and responding to attacks.

As cyber-crime increasingly becomes a global issue, it becomes imperative to tackle it effectively.

Recent incidents of WannaCry and Petya have highlighted the importance of cyber security. The impact the ransomware had is entirely indicative of the kind of threats every company faces. At the operational level the focus of cyber security is on preventing, mitigating, detecting, investigating and responding to cyber-attacks. The richness and complexity of cyber-space means that there is a potentially endless list of attack scenarios.

The reality is that no business is 100% safe. We live in a world where the question isn’t whether you’ll be attacked, but when, and how quickly and completely you can recover. Targeted attacks, as an example, may only resemble 1% of threats overall, yet they do a lot of harm.

Local businesses need to look beyond the traditional viewpoint that cybersecurity only entails a firewall, an anti-virus solution, and some Internet filters. Instead, they need to consider the realities of today and the fact that with this, cybersecurity has evolved to become a process that is completely integrated into the running of the business.

According to the Serianu Kenya Cybersecurity Report the acceptance of Bring Your Own Device (BYOD) by Kenyan organisations has risen, where 62.2% employees now use their personal devices at the office.

Furthermore, this report states that typically a SME has at least one or two systems fully exposed on the internet with default passwords and unpatched software.

We believe that this can be dangerous as it may often be the first stop for cybercriminals looking to unfold their operations.



Leave a Reply

%d bloggers like this: