Cyber crimes are any criminal or other offence that is facilitated by or involved the use of electronic communications or information systems, including any device on the internet or any one or more of them.
Most cyber crimes are committed by individuals or small groups. However, large organised crime groups also take advantage of the Internet. Criminal communities share strategies and tools and can combine forces to launch coordinated attacks.
Related: Is A Mobile Virus Coming To Get You?
They even have an underground marketplace where cyber criminals can buy and sell stolen information and identities.
It’s very difficult to crack down on cyber criminals because the Internet makes it easier for people to do things anonymously and from any location on the globe.
How rife is it in SA?
Cyber crime has a significant effect on our economy as in the rest of the world, and costs South Africa over R6 Billion each year. In fact, South Africa is one of the most targeted countries globally for cyber phishing crime attacks.
According to statistics, the average cost of cyber crime in 56 organisations globally was R89 Million, up 6% over 2011 and the damage will rise every year if precautions are not put in place.
With South Africa having such a diverse economic landscape, and many of the financial services being delivered in the mid-tier market, vulnerable personal information on individuals is handled daily by these companies.
Most businesses spend money on external safeguards and security. They may invest in security personnel, closed circuit television cameras, and alarms, but they neglect to consider threats that also lurk online and such risks can be dangerous and devastating.
Why are smaller sized business targeted?
Small and mid-sized businesses are more attractive targets because they tend to be less secure and easier to access. Most SME’s have little training or understanding of laws governing how personally identifiable information should be encrypted, shared, or stored and lack policies ensuring their staff complies with those requirements.
For businesses whose security has not kept up with the latest cybercrime developments they could be facing avoidable risks without realising it. Hackers target SME’s hoping that their lack of preparation and limited expertise will make it easier to penetrate their systems and those of their business partners.
What are cyber criminals up to?
There are many ploys and schemes. Cyber crime scenarios include:
- Ransomware, bitcoins and malware: Ransomware is malware that locks your file, or worse your entire system, so that you cannot use them unless you pay the cyber-criminals. Ransomware will continue to be a more relevant threat in coming years and is said to be the “future of consumer cybercrime”.
- Targeted attacks: Targeted attacks are a rising trend. Most commonly known as Advanced Persistent Threats (APTs), their main difference from traditional cyber-attacks are target selection, plus silence and duration of attack. First of all, in most of these attacks there is a selected target, as opposed to traditional attacks that use any available corporate targets for their purposes. Secondly, these types of attacks try to stay unnoticed for longer periods of time.
- Payment systems in the spotlight: In parallel with the growing use of online payment systems, the cybercrime interest in attacking them grows too. At this point, it is already obvious that cyber-criminals will continue putting efforts into payment systems as more money circulates on the web. On the other hand, traditional point of sale (POS) systems are still widely used and malware authors are well aware of that.
- Internet of Things: whole new categories of digital device are getting connected to the internet, from domestic appliances to home security and climate control, and this trend has been dubbed the Internet of Things or IoT. Due to this trend, we see some evidence of cybercrime emerging such as attacks on cars, Smart TVs, biometric systems on smartphones, routers and google glasses!
These are only some examples of cyber attacks – with every trend, there is a new ploy and target.
What are the common risks/vulnerabilities?
Cyber-criminals usually have a specific target, and they even look for concrete information or try to attack.
Contrary to what most people think, the majority of cyber-criminals use well-known techniques (sending malicious mails in links or emails) and they usually exploit known vulnerabilities when the corresponding security patch has not yet been applied.
One of the most common techniques for accessing sensitive information from corporate employees, such as credentials to access the internal resources, is still phishing. Most of these attacks target employees belonging to all the company levels. Criminals are not only after our information.
Related: Who’s Hacking Your Data?
The mere fact of having thousands of infected computers already grants them a profit if those machines are part of a botnet and follow the criminal’s orders.
Their hard drives can be used to store any kind of illegal material; the internet connection can be used to send millions of spam emails or to perform Distributed Denial of Service Attacks (DDoS); and their processing capabilities can be used for cryptographic coin-mimicking – such as Bitcoin – which will go directly to the criminals’ virtual wallet.
There aren’t’ many companies that use no security protocols in their computers, but they are not always the best. Every business, from SME’s to large corporations, should be aware of the importance of security and the cost as well as reputational impact of breaches.
How should companies protect themselves?
Many SME’s only have a single product as protection, such as antivirus. With employee BYOD, it is dangerous as these personal devices can be an attack route into the corporate network if users download malware disguised as legitimate applications.
SME’s should safeguard their business with comprehensive security packs with end-to-end security (protecting endpoints, file servers, mailboxes and mobiles/tablets).
Traditional antivirus products compare the file on a user’s system to only a limited library of known bad signatures, or look for only exact matches with such signatures.
Many that do not perform advanced heuristic analysis (examining the structure or behaviour of malicious code) have difficulty detecting malware that is released in many subtle variations or morph every few hours to evade signature-based detection, a common practice for today’s developer.
Education is essential. Many users don’t realise the threats that exist on online, and therefore do not put security in place. Businesses of all size should educate their employees on the online risks – this will help avoid costly harm (both monetary and reputational).
What are costs/rewards vs risk of using cyber crime protection?
Costs vary according to business size. The cost implications from an attack could amount to millions, not forgetting the cost of reputation. Many SME’s cannot afford cyber attacks – and it can, in extreme cases, mean the end of some small businesses.
Sadly, when thinking of cybercrime, it’s not a matter of “if” but rather a matter of “when”.
Are You Focusing Too Much On The Little Details (And Forgetting The Bigger Picture)?
To what degree do outside influences impact your business’s success? As a business owner, should you be focused on your business, or taking a macro view of the world?
Entrepreneurs live in the daily grind of their businesses. This is unavoidable but can often be fatal. Day to day we think that the little things matter more than the very big things do. A little thing like the floor of your office or store being mopped daily can become a huge issue if not done.
Sure, these things are important because they create a culture of care and pride, but what you might be missing while you watch your team mop the floors is the macro-economic climate shifts that happen more rapidly than you think.
Step back to move forward
Early in the life of a new business the only way to survive is for the founders to do absolutely everything. From designing a logo and launching a strategy all the way through to writing tweets and emailing customers when there are issues.
This makes sense when you’re building a business, your team is small and your cash is tight. However, as you grow, it becomes important to let your people do their best and take on the day to day work.
Related: Expanding At The Speed Of Stress
As an obsessive entrepreneur it’s often hard to let go of these little details. Day to day operations will always be integral to the growth of your business and an important part of someone’s job in your organisation. However, it shouldn’t be yours if you are taking care of the big picture.
As the leader of your business you need to take a step back from the grind and look at the world around you.
To truly understand the positioning of your growing business you need to understand your country, continent and world.
You should understand the economic position you’re in as well as that of your province, country and even the markets that might directly influence your sales. Get a good understanding of the political stability of your country and the world.
Finally, you should figure out if there are any large- scale impending disasters. If disaster is imminent, like Zuma pillaging a nation and tanking an economy, then you have to get your head out of the floor mopping and into the high-level strategy of survival and preparation for disaster.
Move the needle
Every day there are 24 hours that you can fill. You can choose to work during that time and faff with the things that were once important, or you can figure out what is going to move the needle in your business.
What is going to really help you survive and grow in the years to come? Founders, CEOs and leaders need to be thinking about the next three, five and ten years. Let your team worry about today. Let the smart people you work with make today and tomorrow and next week work.
Chances are, the things you are doing in the hours/minutes aren’t saving your business or moving the needle. It’s the things that you plan for the next six months that affect the next five years.
Don’t live in a bubble
It’s easy to fall into the trap of thinking that you live in an isolated country or region that isn’t affected by world events. Unfortunately, no matter how hard you close your eyes and hide your head under the pillow you can’t avoid the fact that your business exists in a globally connected environment.
At Nic Harry we were affected by the Brexit events that unfolded in the UK and Europe. British shoppers were scared and didn’t spend their money when they were on holiday in Cape Town over the peak holiday season. I was so busy preparing for the seasonal uptick that I missed the link between a huge global event and my sales.
You live in a world that is filled with online shoppers and tourists who visit your business whether you know it or not. Prepare for the world to start having an effect on your business more and more.
Broaden your view
I am always fascinated by the narrow view of the world many entrepreneurs display. I may sell men’s socks, accessories and style but that doesn’t mean that the mining sector doesn’t affect my business.
Even if you were an entrepreneur building a business in Antarctica I would urge you to read about oil prices, political world events and the intricacies of overfishing in the South American seas. Being well rounded and having a broad view of the world and your business can only make you a more robust thinker who sees more angles to exploit, protect against and thrive on.
Why Adversity Is Actually The Best Thing For Your Business
There’s been a lot of talk about privilege lately: What is it? Who has it? Who doesn’t have it? I have a slightly different take on privilege and prefer to frame it as the privilege of adversity.
Studies across the globe show that the minorities in all contexts have higher rates of entrepreneurial activity than the incumbent majority. There are a host of reasons for this, but one of them is that adversity creates resilience and self-reliance that are vital for entrepreneurial success.
Every successful and exponentially successful entrepreneur that I have met or read about has transitioned through a baptism of fire. They have overcome insurmountable obstacles and used the lessons gifted through their experiences to rocket their business to the next level.
Related: Approach Adversity Head-On
The Five Gifts Of Adversity
A sense of where your true limits are. These are always far beyond what your belief system believed them to be. The experience of testing your limits breaks the preconceived notion of where your limits are or were.
Confidence. Once you have overcome an issue, the experience of overcoming it builds a high level of confidence that should the issue reoccur, you will have the ability and resources to overcome it. For example, if you lose your biggest client and manage to keep your business afloat, the next time you lose a big client you will not panic or become despondent, but will instead kick into action and claw your way out again.
Insight. Insight as to which of your non-financial resources you can tap into. When the chips are down and money is nowhere to be found, it’s amazing how many resources you will now perceive around you that can potentially help you transition to success. These resources come in the form of advice from friends, access to new markets through networks, credit from suppliers, and free promotion through networks, to name a few.
Your relationship with your own resourcefulness. The experience of not having resources but somehow manufacturing some out of thin air, recalibrates your sense of your own resourcefulness, which in turn builds a level of confidence that should you be dropped off in the middle of the desert with only a matchbox and a magnifying glass, you will survive.
Faith. A level of faith and a belief system that there is always a way to overcome a problem. This is true no matter how overwhelming the problem may be. The more you overcome impossible problems, the less you’ll believe in the existence of impossible problems.
So instead of worrying about who has privilege, who doesn’t, or what privilege actually is, use the lessons gifted to you when overcoming insurmountable obstacles to propel your business forward.
The Principles Of Cession: A Powerful Business Tool
Relinquish your rights with these quick and easy tips.
In terms of South African law, the legal concept of cession was defined in Johnson v Incorporated General Insurance Ltd 1983 (1) SA 318 (A) and in FNB vLynn1996 (2) SA 339 (A), as:
“…an act of transfer to enable the transfer of the right to claim to take place.F Accomplished by means of an agreement of transfer entered into between the cedent and the cessionary and arising out of a justa causa, from which the intention of the cedent to transfer the right to claim appears or can be inferred and from which the intention of the cessionary to become the holder of the right appears or can be inferred.”
In simple terms, according to the online Oxford Dictionary, cession is ‘the formal giving up of rights, property, or territory by a state’. According to the online Free Dictionary, it is ‘the act of relinquishing one’s right’.
This means that cession is clearly distinguishable from contracts because it does not create obligations and is also distinguished from delegation and subrogation, which do not involve the actual transfer of rights.
Valuable tool for business
Cession is a valuable business tool because it allows businesses to cede assets that can be ceded by transferring them − completely or not − when there is no cash available to secure a transaction or assure performance. However, it is essential that the parties involved understand and express their needs rather than blindly signing documents that do not enshrine their true intentions.
Legal requirements for a valid cession
According to van der Merwe et al 2002, the following requirements must be met to affect valid cession:
- A right inhering to the cedent
- Agreement between the cedent and the cessionary to give and accept transfer of the right
- Compliance with any formalities set by the law.
1.1. A right inhering to the cedent
Existing rights versus a spes
According to FNB v Lynn 1996 (2) SA 339 A, our courts have to date followed the approach that only existing rights may be ceded, and not rights which amount to nothing more than an expectation or spes. The determining factor in this approach is whether or not the right falls within the cedent’s estate at the time of the cession.
However, according to Muller v Trust Bank 1981 (2) SA 117 N, there is another theory that deviates completely from this approach and deserves a mention. In terms of the doctrine of cession in anticipando, cession of a spes may happen provided the cedent and cessionary conclude both a contract (obligatory agreement) as well as a transfer agreement to affect cession. Upon the materialisation of the right, when the right actually comes into existence, cession may take place.
There is no formal objection to this approach and our courts have not indicated that they are completely adverse to it. Nevertheless, there is no precedent to date that guarantees cession can be enforced based on this common law doctrine.
Accordingly, any personal right may be ceded provided it already falls within the cedent’s estate and is capable, in law, of being ceded. Therefore, this even applies to rights that have not yet come into force or effect − such as vested rights (for example: the rights of the beneficiaries of a family trust before its dissolution); contingent rights (rights which are subject to a condition); and/or the right to receive your pension pay out upon reaching the age of 65 years.
1.2 Justa causa (or intent)
A causa, or reason, for the cession taking place essentially determines the nature and extent to which the right is transferred between the cedent and the cessionary.
In the case of out and out cession, or normal cession, the right is usually transferred to the cessionary while the cedent has a reversionary right to cancel the cession and (re)claim the right, should it become necessary.
Whether or not total transfer of rights takes place in the case of security cession, or cession in securitatem debiti, has been widely debated for some time now. But, legal uncertainty prevails to a certain extent. The question remains as to whether security cession is only a ‘sue do’ or ‘theoretical cession’, where the cession is treated like a pledge of the right. In this case, no actual transfer of the right takes place.
The only logical explanation for this theory is that the cedent retains ownership but only relinquishes his ability to exercise or enforce his rights. Although the courts have, in fact, confirmed this construction may be theoretically unsound, some continue to apply this model based on the notion of an established legal precedent that has been applied for over 70 years. This was confirmed again in Grobler v Ootshuizen 2009 ZASCA 51, where the Supreme Court of Appeal held that security cession is nothing more than a pledge.
There is an opposing argument that this type of cession, regardless of the difference in causa, is treated as an out and out cession and transfer of rights. This theory is further supported by the case of Picardi Hotels v Thkweni Property 2008 ZASC 128, where the court held that a cedent who has not exercised his reversionary rights lacks locus standi in the enforcement or exercise of the right so ceded.
2. The agreement
Although an agreement for cession need not be in writing, a written agreement is always preferable. The only requirement set according to Botha v Fick 1995 (2) SA 720 (A) is that ‘mere consensus is sufficient to effect a cession’.
In addition, the cession must also be lawful and the rights of debtors should not be prejudiced. This does not imply that the debtor must be notified or that the debtor will become a party to the cession.
In most cases, there is no need to comply with any formalities to affect cession. In some instances, however, certain formalities are prescribed by law. In the case of a mortgage bond, for example: it must be registered at the Deeds Office.
Cession is a valuable tool in business. That said, it is of utmost importance that the cedent and cessionary both understand the legal nature and consequences of their transaction, or cession, before entering into an agreement.
What’s Next? How to Protect the Future of Your Business.
- The Alfa Romeo Stelvio – More Than An SUV
- (Podcast) Are All Prices Negotiable?
- (Podcast) Phone Calls Often Solve Email Problems
- (Podcast) Being An Entrepreneur Is Painful
- (Podcast) Playing To An Audience Of One
- Be 1 Of 3 High Growth Scale Ups Sponsored By FNB & Vumela To Participate For FREE In 10X Accelerator Program (Value Of R650 000)
- R33 Million Boost For Job Creation And Innovation In SA
Start-up Industry Specific2 weeks ago
How Do I Start A Transport Or Logistics Business?
Entrepreneur Profiles1 month ago
10 SA Entrepreneurs Who Built Their Businesses From Nothing
Upstarts1 month ago
10 Young Entrepreneurs Under 30 Share Their Start-Up Secrets
Business Plan Advice4 weeks ago
Writing a Business Plan May Not Be Your Idea Of Fun, But It Forces You To Build These 4 Crucial Habits