Managing The Risk Of Data Breaches
As technology progresses, the digitisation of information is leading to more frequent and costly cyberattacks. In one of South Africa’s biggest data breaches, credit bureau Experian recently exposed the personal details of as many as 24 million consumers and nearly 800 000 businesses to online fraudsters.
Data breaches have thrown the vulnerability of even the most supposedly secure data repositories into question. Malware, phishing, DDoS attacks and ransomware are just some of the methods that external hackers use to gain access to data. Internal data leaks, which stem from employees, may be accidental or wilful, with some employees willingly selling data to cyber criminals.
“Unfortunately, even the most advanced cybersecurity systems may be susceptible to data breaches,” says attorney Simone Monty of Monty Legal Consultants. “The person or business responsible for personal information must ensure that appropriate security measures and safeguardsare put in place to make their systems less vulnerable to cyber criminals.”
The impact of POPIA
The Protection of Personal Information Act (POPIA) is designed to protect consumers from data theft, and organisations from loss of confidential information. Failing to take reasonable and practical steps to safeguard data may lead to reputational and financial harm, disruption to business operations, and the possibility of fines, imprisonment and damages claims from data subjects who may have suffered loss as a result of the data breach.
“POPIA demands accountability,” says Monty. “Organisations are expected to demonstrate respect for the law and the consumer by having monitoring and security protocols in place. They must ensure that employees are trained on data security and that staff and service providers have access only to the data they need. There are a number of best practice protocols that are used as a benchmark to evaluate the level of security of systems that a responsible company will continue to test and update as the landscape changes.”
It’s important for an organisation to understand what POPIA requires in the event of a security compromise. It is prudent to develop a proactive incident response plan rather than taking a crisis-driven approach.
With so many people working from home, good cyber hygiene is a must to help prevent malware and viruses from penetrating your home office…
Here are some free options:
Kaspersky Security Cloud Free provides alerts and warnings, and blocks direct threats from viruses, worms, Trojans, malware, ransomware and other dangers.
Avast Free Antivirus scans for security and performance issues, and provides real-time protection by analysing unknown files before they get to you.
AVG AntiVirus Free includes real-time security updates, scans for malware, ransomware and performance issues, and stops malicious downloads before they reach your PC.
Bitdefender Antivirus Free Edition includes all the essential protection features, without slowing down your PC.
Here are some paid options:
Bitdefender offers virus protection that predicts, prevents, detects and removes even the latest cyber threats.
Norton advanced security with antivirus protects against existing and emerging online threats to devices, and protects your private and financial information.
McAfee secures your accounts and generates complex passwords automatically so you can navigate safely online.
BullGuard provides antivirus, advanced internet security, and identity protection for all devices.
Sources: kaspersky.co.za; avast.com; avg.com; bitdefender.com; norton.com; mcafee.com; bullguard.com