Phishing, malware and external hacking attempts constitute the bulk of cybersecurity incidents reported to the Cyber Security Incident Response Team (CSIRT) established by the Association for Savings and Investment South Africa (ASISA) last year.
The ASISA CSIRT exists to help member companies combat threats to cybersecurity by encouraging and facilitating the sharing of cybercrime trends and other relevant information. The ASISA CSIRT is one of two industry response teams in existence in the financial sector; the other one is the South African Banking Risk Information Centre (SABRIC).
According to Johann van Tonder, senior policy advisor at ASISA, many of ASISA’s member companies have also established internal cybersecurity response teams with representation on the ASISA CSIRT.
Van Tonder says achieving resilient cybersecurity is a top priority for the savings and investment industry. “In financial services the trust of customers is key. Therefore, protecting confidential customer information from cyberattacks is our number one priority.”
He says intra-sector collaboration in the fight against cybercrime is critical since a single serious breach of cybersecurity is likely to impact on the reputation of the entire industry.
Incident reports collected by ASISA from member company response teams since October last year show that ignorance remains the greatest risk in the fight against cybercrimes.
“Even the most sophisticated systems designed to detect and prevent breaches of cybersecurity will fail if employees are not trained to recognise potential risks. All it takes is a click on a compromised link or the sharing of sensitive information as result of an undetected phishing attempt.”
Van Tonder emphasises that raising awareness of cybersecurity risks amongst staff is therefore a high priority for member company cybersecurity response teams.
He points out that one of the interesting new trends noticed by members of the ASISA CSIRT is an increase in phishing attempts, mostly from foreign countries, disguised as LinkedIn requests.
“These foreign LinkedIn requests are being distributed by an automated process, using company information that was scraped off LinkedIn profiles.”
He says once a trend or a specific modus operandi becomes apparent from collated data, all member companies are informed of the emerging cyber threats, enabling them to tighten their defences.
Since tapping into international best practice is important in the upskilling of key employees tasked with cybersecurity, ASISA will host two cybersecurity experts from the Netherlands next month who will present a training course to employees of interested ASISA members.
ASISA is also represented on the Cybersecurity Working Committee of the International Investment Funds Association (IFFA). The IIFA consists of 41 domestic and regional investment funds associations from around the globe, including ASISA, representing assets under management of US$44.7 trillion as at the end of the second quarter of 2017.
The ASISA CSIRT will represent member companies at an industry level in interactions with the Government and regulators once the relevant structures have been established in terms of the Cybercrimes and Cybersecurity Bill.