The results of the 2011 Symantec State of Security Report reveal that compliance is the top concern for local organisations in South Africa, in addition to the more common global security concerns about the increased use of mobile devices and social media in the workplace.
Over 51% of South African respondents identified compliance as a key trend that complicates the security of their information and systems. This finding comes as no surprise as local CIOs are grappling with increasingly stringent legislations that hamper their ability to confidently declare compliance.
New demands on CIOs
“A slew of new laws have come into effect recently that make significant demands on CIOs to meet a whole new set of requirements,” says Jayson O’Reilly, security practice Manager at Symantec South Africa. “Non-compliance has far-reaching implications beyond the server room, as corporate governance has become a key driver of organisational operations and reporting. The level of concern shown suggests to us that local businesses are unsure of what security measures to put in place, and also that they may not have budgeted for the systems to ensure compliance.
The impending Protection of Personal Information (PoPI) Act is an example of a law that will make serious demands on how companies protect corporate and customer information. The lack of clarity on when it will be promulgated, adds to CIOs’ uncertainty and hesitancy to commit budget to their security systems.
Mobile devices a security threat
The survey also revealed that 52% of South African organisations are finding the proliferation of mobile devices one of the key trends driving security concerns. Further, 51% of organisations identified social media as posing a threat to their security framework.
“Mobile computing and the use of social media are driving forces behind consumerisation of IT that pose new challenges to an organisation’s security posture,” says O’Reilly. “There’s no question that attackers are using more insidious, sophisticated and silent methods to steal data and wreak havoc. Organisations today have more to lose than ever before and need to keep adopting the security innovations and best practices that the industry is delivering to stay protected.”
Cyber attacks remain problematic
The menace of cyber attacks and malicious activity continues to loom. According to the Symantec report, 71% of global respondents, compared to 70% in South Africa, saw an attack in the past year, including malicious code, social engineering and external malicious attacks. 20% of South African respondents lost at least R1.7 million as a result of cyberattacks.
Of those who suffered an attack, 92% of organisations worldwide, compared to 98 % in South Africa, reported losses including downtime, loss of intellectual property and customer credit card information while 84% of organisations worldwide, compared to 77% in South Africa, reported that these losses translated into actual costs (productivity, revenue, money or goods).
“A big area of concern among South African organisations is that only 48% said they are doing well in the areas of strategic security initiatives and just 44% are pursuing innovative security issues,” adds O’Reilly. “The areas of risk continue to grow almost by the day, and unless companies implement a clear and effective risk-mitigation strategy and system, they are exposing themselves to greater and very real risks.”
According to Symantec, organisations need to develop and enforce IT policies. By prioritising risks and defining policies that span across all locations, businesses can enforce policies through built-in automation and workflow to protect information, identify threats, and remediate incidents as they occur or anticipate them before they happen.
Businesses need to protect information proactively by taking an information-centric approach to protect both information and interactions. Taking a content-aware approach to protecting information is key in identifying and classifying confidential, sensitive information, knowing where it resides, who has access to it, and how it is coming in or leaving your organisation. Proactively encrypting endpoints will also help organisations minimise the consequences associated with lost devices.
To help control access, IT administrators need to validate and protect the identities of users, sites and devices throughout their organisations. Furthermore, they need to provide trusted connections and authenticate transactions where appropriate.
Organisations need to manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency, and monitoring and reporting on system status.
IT administrators need to protect their infrastructure by securing all of their endpoints – including the growing number of mobile devices – along with messaging and Web environments. Defending critical internal servers and implementing the ability to back up and recover data should also be priorities. In addition, organisations need visibility, security intelligence and ongoing malware assessments of their environments to respond to threats rapidly.