Emerging security concerns in the digital age and how organisations can tackle the threats.

No photo availableByRadwan Moussalli
4 min read

The internet and other digital technologies have become key platforms for East African citizens to enjoy their rights to expression…

radwan-moussalli_article_full

The internet and other digital technologies have become key platforms for East African citizens to enjoy their rights to expression and to associate with other citizens as well as to engage with leaders.

According to the Collaboration for International ICT Policy for Eastern and Southern Africa, Internet access continues to rise, with penetration in Kenya as the highest with 69% of the population, Uganda (20%), Rwanda (31%) and Tanzania (22%).

While the digital age has truly taken hold across the region, there is also cause for concern.Over the last few years, cyber security has gone from a concern that loomed large in the future for East Africa to an issue of pressing importance. The Global Commission on Internet Governance estimates that in Kenya — one of Africa’s largest economies and East Africa’s central tech hub —cybercrimes cost the country more than 2 billion Kenyan shillings (US$22.56 million) in 2013. Cybercriminals have refined their back-end infrastructures to carry out attacks in ways that increase efficiency and profits.

The volume of threats and attacks that have compromised data belonging to individuals and organisations has increased sharply year-on-year.

According to Cisco’s Annual Security Report for 2014, total global threats have reached a new all-time high, with a tracked increase of 14 per cent since 2012. Moreover, a sample of 30 of the world’s largest Fortune 500 company networks generated visitor traffic to websites that host malware.

Beyond the loss of productivity and time, these threats also cause monetary losses that have in turn given IT managers, CIOs and CEOs many sleepless nights. Cyber security is an absolute necessity today and every measure must be taken to protect an organisation and its digital interests:

Today, threats are more sophisticated than ever before. IT managers, CIOs and CEOs need to adopt a holistic approach to security as any form of information breach can be extremely disastrous, making security a key boardroom topic.

The digital world is constantly evolving with new and sometimes disruptive technologies. With increasing dependence on cloud, Bring Your Own Device (BYOD), mobile and even social media, relying on a security solution that covers all the bases is absolutely vital. This is simply because as the technology landscape evolves, so do the coercions.

Given the sheer number of threats that exist today, it’s vital that service providers offer three key areas of protection:

1. First and foremost, protection against Distributed Denial of Service attacks is absolutely vital. Here, the malicious party launches high-volume attacks on cloud infrastructure and other hosted platforms that can completely cripple these systems. The only way to mitigate this threat is to have the right network fabric, so an organisation can weaken the malicious party’s distributed hubs.

2. Advanced Persistent Threats (APTs) are also becoming a common place and here, traditional signature-based detection techniques cannot cope with zero-day attacks and targeted malware exploits. With APTs, older techniques such as signature-sandboxing have been rendered ineffective given that these targeted threats use multiple attack vectors on the target over a period of time.

3. Counteracting APTs requires that a global Tier-1 network provider mitigate the risk through global threat intelligence and large attack aggregation points that serve as an early detection system. Malicious traffic is also a real problem in today’s digital world because if this type of traffic penetrates an organisation’s infrastructure, the company could suffer data loss, a loss of productivity or worse.

I believe that prevention is better than cure. What this means is that individuals, as well as organisations, need to take proactive measures to secure themselves and their digital footprints. Enterprises should continue to raise their awareness of their security preparedness, and security professionals must champion the growth of budgetary outlays to support technology and personnel. In addition, confidence will rise when security practitioners deploy tools that can not only detect threats, but also contain their impact and boost understanding of ways to prevent future attacks.

The Author – Radwan Moussalli, is Senior Vice President – Middle East, Central Asia and Africa, at Tata Communications.

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co