Ian Engelbrecht, senior systems engineer, Veeam, photo credit: Ekaphon – i-Sight
As businesses navigate themselves through the current pandemic, the way in which they operate has changed forever. Lockdown has forced businesses to make very quick decisions. What has previously taken months and years, has been agreed in weeks. The crisis forced their hand.
While a remote working culture was already accepted in some regions of the world, South Africa and the rest of the continent was still largely operating within the traditional model. After level five lockdown was announced at the end of March, that changed drastically, and overnight.
At the time of writing, office parks and offices in South Africa are still a shadow of their former selves, with scores of people working remotely full-time, or doing some days in the office, and others at home to adhere to social distancing rules.
Besides the effect remote work has had on operations, for businesses unaccustomed to it, company culture and employee morale, there is another, far more sinister effect that the C-suite needs to consider – the exponentially increased threat of a cyber-attack.
The exposed flank
The World Economic Forum has called the pandemic “a boon for cyber criminals” and with a notable spike in cybercrime in South Africa with recent high-profile data breaches dominating the headlines, South Africa has moved up to third in global cybercrime rankings. The Accenture Insight into the Cyberthreat Landscape in South Africa report also highlights that this is resulting in an estimated R2.2 billion in annual losses for the country.
This type of crime is nothing new – online fraudsters have always been there, offering holidays in the Maldives or inheritance payouts from a distant relative in the UK. However, the cybercriminals have evolved beyond those familiar tricks and have become highly sophisticated. Now they have new entry points into an organisation.
Ransomware, data breaches, and cyber-attacks are a daily threat and continue to make headline news. The reality is that these attacks can happen to any business, regardless of size, industry and location. From start-ups to large multinationals, no company is exempt. The rise in remote working has created another challenge for IT. When employees were working from offices, IT had full control and visibility over performance, maintenance and security of the IT infrastructure. Whereas now, with employees working remotely, and some on non-company issued devices both the people and devices are distributed and each one represents a possible entry point for a malicious threat.
With the rise of Shadow IT, the phenomenon of employees using applications of their own choosing to store and access company data outside the data centre’s four walls on personal devices and online accounts, coupled with employees working remotely, it opens up more targets for criminals to attack. Employees have more choice and can access company data on personal devices, online accounts and aren’t always connecting to Virtual Private Networks (VPN). The organisation now has multiple entry points for cybercriminals to exploit, and, as the old saying goes, it takes only one hole to sink a ship.
One vulnerable entry-point can expose the business to crippling cyber-attacks. In fact, it is not far-fetched to predict that users will become targets to be hacked to gain control of enterprise infrastructure.
The potential consequences are sobering, and could have a long-lasting financial and reputational impact, not to mention breaching their regulatory obligations. There is no way around it – organisations have a regulatory and societal responsibility to protect sensitive business and customers’ data. However, that’s only the first step. In much the same way that businesses need to show durability in other aspects of their business, so too do they need to build cyber resilience.
Cyber resilience includes strategies for actual protection, but also ensures there is a game plan to mitigate the impact of a data breach or cyber-attack. These must consider solid backup strategies as well as guaranteeing that data can always be recovered while minimising downtime.
While IT departments have a crucial role to play here, business leaders also need to understand the importance of a backup and disaster recovery plan in mitigating the impact of an attack.
Disaster planning may not be the most glamorous and lucrative task, but it is not one which should be bypassed or treated as a box-ticking exercise. Testing needs to be stringent – looking at every possible eventuality and preparing an appropriate response.
While this can be an expensive exercise in terms of resources, for businesses that view more and more of their applications as business-critical, the return on this investment will be realised when disaster strikes.
There is a growing trend in South Africa towards investing in Infrastructure-as-a-Service (IaaS) platforms, but because these services continuously evolve, businesses need a Cloud Data Management strategy that evolves too, in order to manage the large, and often disparate data sprawl, with built-in capability to check for ransomware and whether the recovered data is appropriate to return to production.
As businesses attempt to plug the holes that remote working has opened, it is imperative and frankly non-negotiable to invest in a robust Cloud Data Management strategy – not only to keep the ship afloat, but to be able to weather cybercrime storms and keep the organisation on course.