CyberSecurity Month.

This October, National Cybersecurity Awareness Month, is the time to focus raising awareness about the importance of cybersecurity.

Cyber Security in 2018: The Transition

It’s been a year of transition for cybersecurity professionals and attackers alike. As noted by Forbes, cybersecurity spending in the U.S. could reach $66 billion by the end of 2018. Globally, that number will likely reach close to $100 billion by the end of the year. Total breaches are down from 2017, but attackers are changing tactics: Where servers and workstations once took priority, threat actors are now directly targeting mobile applications and users to breach networks and compromise data.

It’s also worth noting that the rate of cryptojacking scams increased by 141 percent in 2018, according to Trend Micro. And, just like in 2017, human error remains a top concern for companies: A recent CA Technologies survey found that 90 percent of organizations feel vulnerable to malicious or accidental insider attacks.

Africa CyberSecurity Conference is held every year during the month of October to coincide with the cybersecurity month.  During the upcoming conference on October 24, 25, and 26, we will celebrate successes, educate on trends, identify threat actors, and build collaborative initiatives to secure the cyberspace.  One of this year’s conference focus is the rise of Insider Threats.

Insider Threats

  1. [Africa] 95% of organizations in Africa are vulnerable to insider attacks. The main enabling risk factors include too many users with excessive access privileges (47%), an increasing number of devices with access to sensitive data (43%), and the increasing complexity of information technology not understood by users (65%).
  2. [Africa] A majority of 63% confirmed insider attacks against their organization in the previous 12 months (typically less than five attacks). 37 percent of organizations say insider attacks have become more frequent.
  3. [Globally] Organizations are shifting their focus on detection of insider threats (64%), followed by deterrence methods (58%) and analysis and post breach forensics (49%). The use of user behavior monitoring is accelerating; 94% of organizations deploy some method of monitoring users and 93% monitor access to sensitive data.
  4. [Globally] The most popular technologies to deter insider threats are Data Loss Prevention (DLP), encryption, and identity and access management solutions. To better detect active insider threats, companies deploy Intrusion Detection and Prevention (IDS), log management and SIEM platforms.
  5. [Globally] The vast majority (86%) of organizations already have or are building an insider threat program. Thirty-six percent have a formal program in place to respond to insider attacks, while 50% are focused on developing their program.

Safe surfing and happy CyberSec Month!
Africa CyberSecurity Team

[Africa] Jighi – Enovise Research
[Globally] Data extrapolated from compilation of many studies