Cyber crime is a threat for which many South African businesses are insufficiently prepared. Much has been said about the increasing use of the internet for communication, data storage and e-commerce, but there has tended to be less coverage of the risks involved with conducting business online, leaving many businesses unaware of the danger. Cyber crime is a growing problem that is often overlooked by the people who are at greatest risk. Businesses in South Africa have been left particularly vulnerable to attack as their counterparts in other parts of the world have introduced better security measures. The basic advice offered to consumers online can be a good starting point for businesses looking for ways to protect themselves, but prevention of cyber crime needs to go further.
How Big is the Threat?
It is an unfortunate truth that any shift in the way people spend their money is likely to be followed by a change in the tactics of criminals. The increase in e-commerce and other online business activities has been followed by an increase in cyber crime. Criminal activates online are becoming increasingly organized, with carefully orchestrated attacks simultaneously targeting large numbers of businesses to steal money and information. Although it is the dramatic attacks on large companies that tend to catch the attention of the media, smaller businesses are also increasingly at risk from cyber crime. The investments that big companies have made in their defences have caused the criminals to focus on those who remain most vulnerable: small businesses.
Why are South African Businesses Particularly at Risk?
The unusually high risk of cyber crime in South Africa has been caused by a global disparity in awareness of cyber crime and use of protective measures. Countries like the United States, traditionally the targets of large volumes of cyber crime, have been encouraging awareness and prevention among both individuals and businesses. At the same time as the US has been becoming less attractive to cyber criminals, businesses in other parts of the world have been moving online, without learning the same lessons about cyber security. South Africa has recently begun to find itself the target of a large proportion of cyber crime, for which it is largely unprepared. It has been too easy in the past to imagine that cyber crime is a threat that does not apply here. Many people still feel that they are not at high risk, but South Africa is now the third most frequently targeted nation for phishing attacks. The risks will only increase as businesses come to depend more on internet sales and communication.
How Should Businesses Be Protected?
Protection against cyber crime begins with IT infrastructure. A secure system, protected by a firewall and antivirus software, is the basic requirement for conducting business online securely. If products are to be sold online, secure methods for processing orders and payments will also be required. Just as the lock on a door cannot help if the door is left open, none of these security measures can help if the people using the system are failing to keep it secure. Employees are increasingly using their own laptops and mobile devices for work purposes, which means that protection should be extended to these devices. Proper use of the security measures should also be encouraged. Every individual who is working for the company should understand what is expected of them, particularly when it comes to selecting a secure password and protecting company data. In the event that these protective measures are not enough, businesses should also be prepared for the costs involved in recovering the system and making it secure again. As with any threat, it is important that businesses are prepared for the worst. A cyber crime attack may result in businesses not only suffering a direct theft, but also being liable for any losses of customer data that should have been kept secure. Only about 40% of South African businesses are currently fully insured against internet crime. Security measures should be reinforced with policies that provide adequate protection against cyber crime.
A Secure Future
Better understanding of the risks should encourage businesses to take better measures to protect themselves, and hopefully to make South Africa less of an easy target for cyber crime. Together with improved security measures in business, the prevention of cyber crime will also require changes in the policing and legal systems. Until businesses feel they can rely on the police to deal with cyber crime, it is likely that the reporting rates for online crime will remain low, which can only serve to encourage the interest of cyber criminals in targeting South Africa.