INFOTECH: Preparation is Key When Defending Against DDoS Attacks
IF YOU are well prepared with your security systems – deployed in a holistic manner – you can prevent generic threats from getting into your environment. With the right tools, processes and people, you can detect and contain more advanced threats before they have an impact – but it all depends on preparation, writes Bryan Hamman.
It should be noted that users are both a strength and a weakness. On the one hand, attackers are successfully using spear-phishing and watering-hole attacks to gain footholds within our networks – people are fallible. But, on the other hand, people are also very good at identifying suspicious or unusual behaviour.
Education and enablement are key. If our users are sufficiently educated as to the threats we face then we can minimise our risk, whilst at the same time we should enable them to raise concerns to the security team so that they can be quickly investigated. Also, data classification, appropriate network segmentation and authentication are critical. We need to put appropriate controls in place so that the people who represent risk are covered.
Personal user devices do represent a challenge, but this is manageable. As with everything in security, it comes back to preparation. We need clear policies on what personal devices can be used for, what data is stored on them and so on. We also need monitoring capabilities, or other access limiting technologies, to ensure that these policies are adhered to. The use of personal devices has spurred some businesses to put proper data classification and access restrictions in place, which is a good thing generally.
All businesses should assess their strengths and weaknesses from a security perspective. Even large, well-resourced organisations have gaps in their capability, and these need to be filled by external organisations offering services. In this context, the most important thing about using external partners for security is that the services and technologies selected allow the organisation the right level of visibility.
Large enterprises may want a lot of visibility of what is going on, whereas smaller enterprises may not have the capability to interpret huge volumes of detailed data. The underlying service capabilities may be similar, but the presentation and packaging to the organisation have to be at the right level if they are going to derive the value they are looking for.
DDoS attacks are projected to escalate around the globe, so making sure that your organisation is adequately prepared against a DDoS attack is critical. From the perspective of the biggest cyber threat challenges that South Africa is facing, we are no different from any other country with Internet connectivity. The threats range from DDoS attacks that threaten availability of digital services and applications, to ransomware and more sophisticated advanced threats that target critical business and customer information.