Attacks are a case of ‘if’ not ‘when’ – why cyber resilience has become critical to SA businesses

Brett Skinner, Security Business Unit Manager at Datacentrix.

---

As cyber threats continue to escalate globally, businesses are becoming increasingly aware of the need for not only cyber security, but also cyber resilience. At the recent Datacentrix Showcase 2024, the company, which positions itself as the leading hybrid ICT systems integrator and managed services provider, emphasised that resilience – defined as the ability of an entity to continue operating despite cyber attacks – has become a crucial component of a modern IT strategy.

Cyber resilience goes beyond traditional cyber security, explained Brett Skinner, Security Business Unit Manager at Datacentrix, acknowledging that in today's interconnected world, attacks are inevitable – it’s no longer a case of ‘if’ but ‘when’ they will take place.

“The key question is: how quickly can an organisation bounce back and minimise disruption when an attack occurs?” he asked.

Kyle Pillay, Security As A Service Centre Manager at Datacentrix, underlined the importance of this distinction. "Cyber resilience isn't just about stopping an attack, it's about the ability to keep going when an attack happens. We need to get to a place where recovery times are measured in minutes or hours – not weeks or months. Unfortunately, some businesses have taken as long as two and a half months to return to normal operations after a breach," he stated.

Kyle Pillay, Security As A Service Centre Manager at Datacentrix.

---

Indeed, a 2024 report by PwC on global digital trust highlights that, while South Africa experiences a slightly lower than average rate of cyber attacks compared to the global norm, the threat is still significant. For example, e-mail compromise is reported at a higher rate than the global average, with 38% of local businesses impacted versus 29% worldwide. This shows the necessity for cyber resilience measures that address both attack prevention as well as recovery.

Looking ahead, the European Union Agency for Cybersecurity (ENISA) predicts that by 2030, cyber threats will evolve even further, driven by new technologies. ENISA's top 10 predicted threats include disinformation campaigns, privacy loss through digital surveillance, smart device data manipulation and advanced hybrid threats.

“As AI-generated synthetic media, such as deepfakes, become more prevalent, discerning truth from deceit could become a challenge for businesses,” said Pillay, pointing to the rise of AI-powered cyber attacks, such as password spraying and brute-force attacks, as a growing local threat.

"These attacks leverage AI's capability to analyse patterns and vulnerabilities on a massive scale," he continued. "Password spraying involves criminals trying to access a large volume of accounts with a few commonly used passwords, one password at a time. On the other hand, brute force attacks see attackers attempting to gain unauthorised access to a single account by guessing the password using large lists of potential passwords.

“AI is a double-edged sword – it’s useful for security, but it also magnifies the capabilities of cyber criminals. And AI isn’t the only emerging technology that brings with it additional cyber security risk; quantum computing and the internet of things (IOT) too are widening the attack landscape.”

Skinner offered a pragmatic approach for businesses aiming to implement effective cyber resilience strategies. "The tendency, frequently, is to rush into execution mode when there’s a threat, but that can be dangerous, especially if you don't have a clear plan or roadmap in place. Resist knee-jerk reactions.

“The first step is to build a roadmap and plan against it, checking whether you’re prepared for disaster recovery. Next, because it can be difficult to journey alone within the security space, you must ensure that you have a level of trust with a specialist partner. Together, you can then gain a better understanding of your attack surface exposure and subsequently plan, deploy and test.”

He also called attention to the importance of user education as a fundamental element of cyber resilience. "People are still the weakest link in any cyber resilience strategy. Educating your workforce on security hygiene and emerging threats can significantly reduce your vulnerability.”

As cyber attacks grow in scale and complexity, the discussion is shifting from merely preventing breaches to ensuring fast recovery when they occur, meaning that businesses must focus on resilience as a critical defence mechanism.

For South African organisations, the message from Datacentrix’s 2024 Showcase is clear: no industry is immune to digital extortion. As Pillay aptly noted: "It's not about how hard you get hit; it’s about how fast you get back up."