Digital security in SA continues to be a growing concern as a new report from e-mail specialist firm Mimecast shows electronic communication in organisations is still big a weak point that has seen an increase in attacks over the last year.
The firm which specialises in e-mail security around the world, says e-mail continues to be the most popular attack point of attack for cyber criminals, through compromised accounts, vulnerable insiders, social engineering, or brands impersonation.
The study, called The State of e-mail Security 2020, was done through a survey of 1,025 information technology decisionmakers and executives to “gain useful insights into their experiences and outlook on the current state of e-mail security,” said Mimecast. These participants were interviewed between February and March 2020 in countries such as the US, UK, Germany, the Netherlands, Australia, SA, United Arab Emirates, and Saudi Arabia.
For SA, Mimecast's results paint a frightening picture of the vulnerability of businesses and other organisations through e-mail-led attacks.
It was found that 45% of local companies have been affected by ransomware in the past 12 months, while 76% experienced downtime from an attack and 53% saw an increase in phishing attacks.
But why is this happening? To begin with, 66% of SA organisations believe weak passwords pose a risk of a serious security mistake.
Mimecast said on average, six out of 10 organisations have a security system to protect internal and outgoing e-mails, but 34% don't yet monitor and protect against e-mail-borne attacks or data leaks in internal e-mails. At the same time, 39% of these organisations don't yet monitor and protect against e-mail-borne attacks such as malware and malicious links in outbound e-mail, while a third say they don’t yet have automated detection and removal of malicious or unwanted e-mails that have already landed in employees’ inboxes.
Globally, it was found that 51% of organisations had suffered a ransomware attack in the past 12 months, while 60% of respondents were hit by an attack spread from an infected user to other employees.
“Cyber threat actors and threat groups are continuously researching and testing out new tactics, techniques and procedures in an attempt to overcome and exploit this increasingly sophisticated and complicated technology,” said the report.
As a way to reduce this growing threat, Mimecast suggests increasing training and awareness around digital security, putting a greater emphasis on cyber resilience strategies and increased investment in security systems. The firm also suggests doing more to protect an organisation's brand given the increasing cases of ordinary people falling victim to criminals impersonating a particular business, company or organisation.
The research also looked at the first 100-day period of the Covid-19 crisis around the world.
Mimecast says an increase in the variety and volume of attacks was inevitable given the desire of criminals to obtain personal and confidential information. This threat is also heightened by the shift to more people working from home, likely accessing enterprise systems from less secure locations.
These findings add to an already bleak picture about the state of cyber security in SA.
In May, it was revealed that SA had third-highest number of cybercrime victims in the world with about R2.2bn lost each year through fraudulent activities carried via the internet, according to professional services company Accenture.
That research suggested that threat actors perceive SA organisations and businesses as potentially having lower defensive barriers compared to those in more developed economies, and that they may enjoy a lower risk of incurring consequences for their malicious activity.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.