31 Mar South African businesses urged to take ‘zero trust’ approach for defence against cyberattacks

An INTERPOL report has highlighted a bleak outlook for South African businesses as the threat of cyberattacks continue.

The report, titled the African Cyberthreat Assessment Report 2021, revealed that while the broader African continent had experienced some attacks against critical infrastructure and frontline services, South Africa was amongst the countries hardest hit. South Africa experienced almost 230 million threat detections in total between January 2020 and February 2021. Comparatively, countries such as Kenya and Morocco were subjected to a smaller number of attacks, at 72 million and 71 million respectively.

In South Africa, email threats accounted for 219 million detections, and the country was also listed as the most targeted with ransomware and business e-mail compromise (BEC) attempts. In the INTERPOL report, figures were referred to from Accenture, which stated that South Africa has the third highest number of cyber crime victims worldwide, at a cost of R2.2 billion a year.

As the threat of cybercrime rises, many businesses in South Africa are being urged to consider a ‘zero trust’ policy and reconsider their cyber security approach and that the pre-COVID virtual private network (VPN) set-up that permits users to access all areas of the network is no longer a secure strategy. As more workplaces opt for remote working and cloud-based systems, businesses are being pushed towards a strategy of  ‘never trust, always verify’, which revokes any type of access privileges that users may have previously had on a network, and keeps their access to the absolute minimum, while frequently requesting user authentication. This keeps a tighter hold on access and allows for the faster reactions when a threat is detected.