CEOs need a better understanding of cyber security

Simon Campbell-Young, MD of Credence Security

CEOs have a lot on their plate. They are ultimately responsible for business strategy and planning, as well as leading operations. It’s no surprise then, that they lean heavily on their technical leads and departments, particularly when it comes to information security.

“While they believe they are being correctly advised about how best to protect their organisations from threats, too often they end up wasting their limited security budgets and tools and solutions that simply aren’t doing the job,” says Simon Campbell-Young, MD of Credence Security.

He says this happens because they are led to believe certain myths that simply aren’t true. “One of these mistaken beliefs is that cyber security is just an IT problem. Viewing digital threats as purely the purview of IT department is one way to guarantee that they won’t be contained in time. Once data has been digitised, everything from accuracy, privacy and availability to integrity has to be protected – across all departments.”

Another example is that CEOs have been told that attackers are all technical experts. This isn’t the case. For the most part, they are not unstoppable geniuses. “Sure, there are some highly intelligent minds behind some of the threats we see today, but it’s just as likely that hackers are regular guys with a little technical know-how, or even rank amateurs,” Campbell-Young says.

Most attackers simply know how to get something done with the tools available. “Many tools are passed down through criminal organisations, or these tools can be bought on the dark Web for a few hundred dollars. Sure, there are some highly skilled and well-funded groups working for nation states, but these are the exception, not the rule.”

Next is the mistaken belief that cyber criminals cannot be stopped. “In truth, many organisations have such ineffective tools in place, or have such a lackadaisical attitude about cyber security that it’s child’s play for attackers to penetrate their defences. While it’s true that the more well-funded and highly motivated criminal groups can’t be stopped 100%, many, many attacks can be stopped with a combination of the right tools, procedures and employee training.”

Campbell-Young says this leads to the next point, which is that CEOs believe they are investing adequately in employee security training. “The insider threat, whether through a careless or malicious employee, is still the primary avenue through which organisations are breached. Phishing and social engineering are still widely used by cyber criminals, mainly because they work.”

Yet despite this, most companies devote practically no time to training their staff in these threats. “Staff are simply not adequately trained to prevent social engineering from being successful, and as long as this is the case, organisations will continue to get hacked, irrespective of what else they do, and how many resources are thrown at cyber security tools and solutions.”

Then there’s the view that protecting their business is enough. “It isn’t. Today’s organisations are connected to a multitude of suppliers and other third-party partners, each of whom can be used as a stepping stone to gain access to their network. Remember, a chain is only as strong as its weakest link, and everything in the organisation’s ecosystem, from satellite offices, to the auditors, can be a threat vector.”

Finally, he says organisations are confusing compliance with security. “With increasingly stringent data regulations, CEOs have to make sure they meet all legal and regulatory compliance requirements if they don’t want to fall foul of regulators, and incur massive fines, not to mention reputational damage. However, what is needed to be compliant isn’t what is needed to be secure, in fact the two can often be at odds.”



Latest


16 Feb 2021
Transition management services partnership announced

Standard Bank has signed a memorandum of understanding (MoU) with Chicago-headquartered financial services company Northern Trust, to partner on the…

Transition management services partnership announced

Standard Bank has signed a memorandum of understanding (MoU) with Chicago-headquartered financial services company Northern Trust, to partner on the delivery of transition management services across Southern Africa. Under the partnership, Standard Bank’s clients will gain access to Northern Trust’s full suite of transition management services. Transition Management is a…

16 Feb 2021
Tax free wealth creation with property funds

By Liliane Barnard, CEO and Portfolio Manager at Metope Investment Managers, and Aimee Glisson, Director: Operations, Performance & Risk at…

Tax free wealth creation with property funds

By Liliane Barnard, CEO and Portfolio Manager at Metope Investment Managers, and Aimee Glisson, Director: Operations, Performance & Risk at Metope Investment Managers The tax year, along with the deadline for an investor’s maximum R36 000 annual tax-free savings account contribution, comes to an end on the 28 February 2021. Investors…

16 Feb 2021
Why multi-manager investing is popular

Multi-management has been around for over two decades. This investment management approach is popular among many investors because it promises…

Why multi-manager investing is popular

Multi-management has been around for over two decades. This investment management approach is popular among many investors because it promises to deliver smoother, more consistent investment returns, despite cyclical turbulence of financial markets. Given last year’s drastic swings in financial markets and continued uncertainty on how the Covid pandemic will…

16 Feb 2021
Momentum Health Solutions unpacks COVID-19 vaccine roll-out plan

Momentum Health Solutions announced its COVID-19 vaccine roll-out strategy and how it intends to support both its members, as well…

Momentum Health Solutions unpacks COVID-19 vaccine roll-out plan

Momentum Health Solutions announced its COVID-19 vaccine roll-out strategy and how it intends to support both its members, as well as the uncovered population, in being vaccinated. As the COVID-19 virus continues to spread, a third wave is imminent, should the vaccination rollout not commence soon. Speaking at a recent…


Top stories


10 Sep 2020
How too much choice is draining your brain

By: Paul Nixon, head of technical marketing and behavioural finance at Momentum Investments From the words of Francis Scott Key…

How too much choice is draining your brain

By: Paul Nixon, head of technical marketing and behavioural finance at Momentum Investments From the words of Francis Scott Key that dubbed America “The land of the free”, which stuck, to the unforgettable Mel Gibson monologue where an army of painted Scots were willing to trade their lives for the…

13 Apr 2020
Investors should keep a reasonable investment allocation outside of SA

MoneyMarketing asked Roland Gräbe, the head of Tailored Fund Portfolios at Old Mutual Wealth, about offshore investments in the COVID-19…

Investors should keep a reasonable investment allocation outside of SA

MoneyMarketing asked Roland Gräbe, the head of Tailored Fund Portfolios at Old Mutual Wealth, about offshore investments in the COVID-19 environment and what form a global market recovery will take.

13 Apr 2020
SA’s Proposed Covid-19 Disaster Management Tax Relief

The National Treasury recently issued the draft Disaster Management Tax Relief Bill (Bill) for public comment by 15 April. The…

SA’s Proposed Covid-19 Disaster Management Tax Relief

The National Treasury recently issued the draft Disaster Management Tax Relief Bill (Bill) for public comment by 15 April. The draft Bill, together with its explanatory memorandum, provides clarity with regards the tax relief measures President Cyril Ramaphosa announced on 23 March.

10 Apr 2020
When the going gets tough, farmers are on familiar territory

South African farmers are old hands at adapting to uncertain and daunting circumstances, and our local agricultural industry has proved…

When the going gets tough, farmers are on familiar territory

South African farmers are old hands at adapting to uncertain and daunting circumstances, and our local agricultural industry has proved to be most enterprising in acclimatising to challenges as they arise.


Visit the official COVID-19 government website to stay informed: sacoronavirus.co.za