October is National Cyber Security Awareness Month (NCSAM) and although it’s an American initiative, there’s no reason why Kenyan businesses can’t acknowledge and adopt its practices
NCSAM 2018 exists to remind all Internet users about online safety and the fact that it’s a shared responsibility among digital citizens. NCSAM 2018 also aims to signify the importance of building a strong cybersecurity workforce.
It’s good to know that cyberattacks are in their infancy stages in Kenya even though we are proud to be a leader in innovation in the technology sector. Kenya is among the leading countries in Africa when it comes to combating cybercrime. However, we might face attacks that range from basic hacking – such as website defacements, financial fraud, social media account hijacking – and the theft of government documents to global attacks (a downside to being a leading African country in the IT space). Kenya has fallen victim to the Lazarus Group’s attacks before. This makes cybersecurity a national imperative, one that can only be addressed through a coordinated and holistic approach.
In recent years, the Kenyan government has realised that cybersecurity can’t be ignored and has communicated the need for businesses to create a security strategy.
“Businesses have invested in too many solutions that work well on their own, but don’t offer efficient security which exposes them to unforeseen risks due to a mismatch of security products that do not correlate to the rising changes of attacks,” says Dr Bright Mawudor, Head of Cybersecurity at Internet Solutions.
Risk identification and a response plan
- Figure out what needs to get measured and connect the data points.
- Find attack patterns or any other traffic trends that might suggest imminent risks.
- Identify the greatest threats facing the organisation and integrate these insights into your incident response strategy.
- Focus on the most critical areas by taking a close look at the people, processes and technology domains when performing a risk assessment.
- Talk to people in your organisation who handle sensitive data, they know where the vulnerabilities lie. But don’t stop there, consider hiring a third party to perform an assessment of your environment.
No matter how well protected an organisation might be, you should anticipate a cyberattack at some point in the future because technology is always changing and cyber criminals constantly evolve their attacks. Draw up worst-case scenarios along with an updated incident response plan. This is essentially a strategy for assessing, managing and containing data breaches, including the steps and actions your staff, especially your response team, should take if there’s a breach.
This requires strategies to be implemented that will contain and remedy data breaches or to ensure you have the capability to implement these strategies as a matter of priority. The best way to defend your IT infrastructure is to implement specific cybersecurity solutions and have a dedicated team in place.
None of these will be a priority if members of top management aren’t on board. So their buy-in is essential. Top management needs to understand the potential range of risks that might threaten the company’s reputation, finances and operational performance. The management of cyber risks should be a central component of any organisation’s governance processes.
Protect everything on your network
Place a firewall and an antivirus solution to protect all your company’s devices. Device protection should also include remote management features that eliminate the need for user input or behavioural modifications. Even the most protected environment can be breached when an employee uses a device outside the protection of the company’s security. Partner with Cyber Security providers to help manage your network and advice on best practises in the bid to stay secure.
Hackers constantly evolve to exploit weaknesses in a system to gain entry. As a result, it’s up to us to continuously improve our security infrastructure to protect your network.
But don’t wait until Cyber Security Month each year to focus on safeguarding your IT environment, ensure that it’s an ongoing commitment and investment. Gain advanced cybersecurity insights on how to protect your business by downloading our global threat intelligence report.