BLOG

Top Strategies to Safeguard your Business against Cyber Attacks

In an era dominated by digital landscapes and technological advancements, the threat of cyber-attacks looms large over businesses of all sizes.
The relentless evolution of cyber threats demands that organisations adopt proactive and robust cybersecurity measures to protect their valuable assets.

To gain valuable insights into this critical issue, we turned to the top thought leaders in the field of cyber and information security who shared their expert tips and strategies. Here’s a compilation of their collective wisdom to help fortify your business against cyber adversaries.

1. ALIGNING CYBERSECURITY WITH BUSINESS GOALS

Bernard Munyaradzi Chadenga, vCISO and Founder & CEO of The Cimplicity Institute, emphasized the importance of vulnerability testing and scoping. He stressed that cybersecurity teams must closely align with the business to seamlessly integrate systems using agile solutions. Actively training cybersecurity specialists ensures that your defence remains robust and up-to-date.

 2. CULTIVATING A SECURITY-CONSCIOUS CULTURE

Yurika Pistorius, Chief Compliance Officer at Clientele Limited, highlighted the significance of treating sensitive data as if it were your own. She advocated for vigilant access control and the value of self-reporting incidents. Partner awareness management ensures that stakeholders are informed and engaged in safeguarding efforts.

3. STRENGTHENING THE HUMAN FIREWALL

Aveena Mothilal, Chief Information Officer at Engen Petroleum, emphasized the need for comprehensive training to strengthen the human firewall. Striking a balance between risk and investment while understanding the value of spending is crucial. Automation, tailored to specific purposes, can streamline security operations effectively.

4. MASTERING THE BASICS

Anthea Kruger, General Manager of Information Security Cyber Defence at MTN, underscored the importance of nailing the basics of security. Regularly patching and classifying assets aids in creating a solid foundation. Establishing coverage and layers provides a multifaceted defence mechanism.

5. EDUCATION AND EMPOWERMENT

Aashika Bava, Head of Security Awareness Training at Investec, highlighted the inevitability of human error and the need for relatable training. Encouraging the use of password management systems and multifactor authentication extends security practices beyond the workplace.

6. MULTILAYERED SECURITY

Amukelani Emily Manganyi, Head of Cyber Security Enablement & Business Engagement at ABSA Group, focused on deploying Segmented DevSecOps roles and robust access management controls. Employing layers of security strengthens the depth of defence, making it harder for cyber threats to penetrate.

 7. RISK ASSESSMENT AND PREPAREDNESS

Sandika Daya, Senior Manager of IT Governance, Risk, and Compliance at Multichoice, advocated for revisiting the basics to understand the risk environment. Constant risk assessments contribute to staying ahead of evolving threats and vulnerabilities.

 8. COMPREHENSIVE TESTING AND DEFENCE

Ishaaq Jacobs, CISO at Sasol, emphasised the significance of environment testing, automated penetration testing, and vulnerability testing with automation options. He cautioned against treating testing as mere checkbox tasks and highlighted the importance of layered defence.

9. TRANSPARENCY AND COLLABORATION

Alisha Sarabjeeth, Head of Information Security at Mr Price, called for transparent communication about security challenges. Sharing experiences and lessons learned can foster collaborative growth across industries.

10. ORGANISATIONAL MATURITY AND AGILITY

Sithembile Songo, Group Head of Information Security at Eskom, stressed the journey of organisational maturity in cybersecurity investment and implementation. Layered security and a swift response strategy acknowledge the inevitability of breaches.

11. STRATEGY AND EDUCATION

Ayanda Peta, Cybersecurity Strategist at African Rainbow Minerals, championed constant education, the establishment of basic security measures, and clear communication of cybersecurity vision and operation plans.

 12. CREATING CENTERS OF EXCELLENCE

Galeboe Mogotsi, General Manager of ICT at WITS, recommended establishing a center of excellence covering the entire value chain. Training, monitoring, and education ensure that all aspects of the organization are fortified against cyber threats.

CONCLUSION: Collaborative Vigilance for Cyber Resilience

The insights from these top thought leaders paint a comprehensive picture of the multifaceted approach required to safeguard businesses against cyber-attacks.

As cyber threats continue to evolve, a proactive stance that encompasses training, transparency, layered security, and ongoing risk assessment is paramount.

By fostering a culture of education, collaboration, and agility, businesses can navigate the dynamic cyber landscape with resilience and confidence. Remember, in the digital age, the security of your organisation is a collective effort that demands continuous adaptation and vigilance.

 

*The above-mentioned InfoSec leaders will discuss their top tips to safeguard your business against cyber attacks and more at CISO Kanect, a festival experience curated for InfoSec professionals taking place from 12-13 October 2023 at The Marriott Hotel in Melrose Arch, Johannesburg.
To join this fun initiative and learn from TED-style talks, reserve your spot before 31 August 2023 and Save R 2,500!