‘Intelligence’ underpins a valuable cybersecurity approach

Expert opinion piece by Riaan Badenhorst, General Manager, Kaspersky Lab Africa.

The continued hype centered towards the topic of cybercrime is no hype at all. It is a very real and growing issue that still needs tangible and immediate attention. In fact, Kaspersky Lab’s recently presented Cybersecurity Trends in the Middle East, Turkey and Africa (META) region notes that there has been an 8.5% increase in ransomware attacks in Q1 of 2018 compared to the results of last year.

Given the impact that notorious ransomware attacks had in 2017, this increase comes as no surprise. However, the concern is that these attacks will only grow in intricacy.

Despite research revealing that the cost of cybersecurity incidents is growing, budget spend on IT security in the META region is on the decline –  where only 62% of companies in the  region are actually investing in cybersecurity, 3% less than 2016.

One must ask if this, then, is because companies are confident in their security and have made significant investments already, or if they are becoming complacent?

Given an expected growth in threats, but a decrease in efforts spent around managing this, it will likely leave businesses with some serious challenges to overcome. The bottom line is that given the realities of growing cyberthreats, IT security must remain a priority and businesses should be driving continuous proactive measures to develop IT security strategies that ensure their organisation, and their staff, are cyber smart and fully prepared for any potential risks.

For any cyberstrategy to make a real impact, it must be underpinned by threat intelligence and should encompass four distinct, universal phases, including:

  • Threat prevention – this phase is mostly covered by technology solutions – such as a firewall or anti-virus solution
  • Detection – this requires a business to invest in advanced tools and expertise which will allow the business time to identify the indicators of attack, spot an incident, investigate it and mitigate the threat
  • However, once detected, responding to the threat then becomes crucial. Within this phase, businesses need to ensure that the approach taken is effective and that the threat is dealt with entirely
  • Lastly, a sound cyber security strategy should also examine the prediction of future attacks – gaining an understanding of the attack surface to help the business define its long-term strategic defense capabilities to avoid future risk

Capitalising on such an approach does not need to be daunting. While it may feel overwhelming to undertake this in-house, seeking advice from reputable experts in the cybersecurity space will allow businesses to take that initial step of assessing its current situation and potential vulnerabilities and put steps in place to build such a strategy. This would not only include investment in the right technology, but the implementation of processes that provide the tools to allow a business to ensure these phases are pursued simultaneously – and with threat intelligence at the centre.

Moving beyond the hype means recognising that offsetting growing cyberthreats requires a 360-degree view of the methods, tactics and tools used by cybercriminals – and threat intelligence will provide this – ensuring solid measures are actioned towards building an IT security strategy that detects threats and prevents them.

Browse our latest issue

Intelligent CISO

View Magazine Archive