
How organisations can mitigate rising data breaches in 2022

A rapid rise in data breaches across numerous sectors has highlighted the intensity and ease with which cybercriminals can sabotage and hold for ransom valuable data, and quickly bring seemingly secure institutions to their knees. What can organisations do to protect themselves?

Hosted by commercial law firm Cliffe Dekker Hofmeyr (CDH), a recent webinar entitled ‘Enemy at the Gates: The practicalities and difficulties of data breaches’ revealed the top cyber threats facing businesses to be business email compromise, hacking, and ransomware.

Danny Myburgh, CEO at digital forensics lab Cyanre, noted there is also a rise in double extortions, in which hackers come in, steal data and then encrypt it, with the aim of extorting companies not only to get their data back but to have it decrypted as well. It doesn’t stop there: Myburgh said triple extortions are even happening, in which hackers not only steal and encrypt data, but also mine it to identify and directly extort other data subjects.

“Typically, many of the vulnerabilities we find are left there by disgruntled employees. This is particularly true for disgruntled former IT administrators who have knowledge of the systems in place. When you exit people, it is important to keep these vulnerabilities in mind,” said Myburgh.

In his presentation, Myburgh identified two main modes of attack in which cybercriminals target organisations. The first he calls the shotgun approach. “This is where the attackers send out a million emails and if one of your employees is unlucky enough to click on it, unfortunately, they have fallen for the scam,” said Myburgh.

The second most common mode of attack is the most concerning. This is what Myburgh calls the targeted attack. “Hackers focus on one organisation, perform in-depth background research, and then specifically target and attack an organisation through accessible vulnerabilities. This is where employees tend to form the weak links, not the infrastructure.”

Unprotected mail accounts with no two-factor authentication, outdated software, poor password control, and a lack of sturdy firewall protocols are just a few of the common vulnerabilities that organisations can easily control.

While it may be easy to secure your data in theory, the reality is that hackers tend to be two steps ahead.

 

What happens when a data breach happens to your business?

Director and Practice Head in CDH’s Technology, Media & Telecommunication practice, Preeta Bhagattjee said the first and most important step is to be calm, cool and collected. “When you are a victim of a data breach there are several important levers that would need to be considered quite quickly.”

While assessing the extent of the breach and the data that has been impacted, Bhagattjee says one would need to juggle many balls against which strategic, time-sensitive, and legally informed decisions need to be made.

When managing a data breach incident, Bhagattjee highlighted a few critical steps that should be taken. These include:

Reporting obligations – depending on the type of breach and the laws that apply to your business, there may be a number of reporting obligations (including under data privacy and cybercrime laws).

Managing reputational risk – even though the payment of a ransom is not generally illegal, legal considerations along with reputational risk need to be understood if you are considering paying a ransom demand.

Managing system and technology risks – taking steps quickly to mitigate the technology breach or vulnerabilities but at the same time ensuring evidence is preserved for authorities.

Ensuring business continuity – consider the ramifications if you cannot continue to fulfil your contractual obligations to customers in light of the data breach.

Possible damages, costs, fines, and penalties – claims for damages by the victims of the breach (i.e. if personal information of customers is published or they are defrauded by the cybercriminals), fines and penalties, and the cost of systems changes and upgrades can all arise due to the breach.

Need an effective risk mitigation plan – understanding the learnings and preparing policies and procedures for the next attack are key.

“You need to understand where data is coming into and leaving your organisation, who manages it, and what rules apply to the gatekeeping of this data,” said Bhagattjee.

Effective contracting with third-party data processors helps address the risk and frame the rules and procedures for avoiding a data breach.

As CDH has a presence in both South Africa and Kenya, the webinar delved into the ramifications of data breaches specific to each region. In South Africa, this meant an application of POPIA and how this data privacy regulation needs to be factored in. In Kenya, this discussion pertained to the country’s Data Protection Act.  

Chege Njuguna
