How To Protect An Organization’s Data
The threat landscape for cybersecurity is constantly evolving, with cybercriminals finding new ways to attack organizations’ sensitive data. To manage this ever-changing landscape, organizations need a proactive and multi-layered approach to cybersecurity. This was the topic of discussion at the Africa Cloud and Security Summit’s panel discussion on “Managing Threat Evolving: Landscape For Case A Cybersecurity”.
The panellists included Francis Mwangi, Group Head of IT Security and Infrastructure at Platcorp Holdings Ltd, Antony Muiyuro, Partner, Risk Advisory & Cybersecurity Leader at Deloitte East Africa, and Mbugua Njihia, Head of Business and Partnerships at Sure Corporation Limited. The session was moderated by dx5 Chairman Harry Hare.
The panellists included Francis Mwangi, Group Head of IT Security and Infrastructure at Platcorp Holdings Ltd, Antony Muiyuro, Partner, Risk Advisory & Cybersecurity Leader at Deloitte East Africa, and Mbugua Njihia, Head of Business and Partnerships at Sure Corporation Limited.
Mwangi emphasized the importance of due diligence when using vendors. Organizations should conduct thorough research before picking a vendor to ensure they comply with data protection guidelines and have a recent audit report. In addition, organizations should identify their most critical assets to determine how to secure the most critical ones.
Muiyuro highlighted the importance of organisations first understanding the data they have in order to protect it. He said, “You cannot protect what you don’t understand.” He advised organizations to come up with worst-case scenarios and assess the possible risks in case the data sitting with a third-party vendor is breached. He stated that organizations should anticipate that they will be hacked and involve all stakeholders, especially the legal department and public relations, on how to address data breaches when they occur. “Effective communication is crucial to maintain customer trust”.
Njihia emphasized the need for cybersecurity awareness and knowledge sharing between organizations and customers. He said: “Customers are not sufficiently empowered with security awareness information, and it is vital to bridge this gap to prevent cyber-attacks”.
The panellists agreed that cybersecurity is an evolving field, and organizations need to use new technologies such as machine learning to detect threats. They also emphasized that cybersecurity is a shared responsibility, and all stakeholders need to be involved in addressing data breaches.
In conclusion, the discussion highlighted the importance of a proactive and multi-layered approach to cybersecurity to manage an evolving threat landscape. Organizations need to conduct due diligence when using vendors, classify their data, and anticipate data breaches while involving all stakeholders in the cybersecurity strategy.