In his career, Telkom's group CIO, Len de Villiers, has had two incidents of cyber crime that have had his IT systems down for three or four days.
Speaking at a cyber security event hosted by the CIO Council of SA and Microsoft, De Villiers shared his experience of these breaches. "The impact of such a breach, the pressure you experience and the erosion of your trust in the IT function are just off the scale, never mind the brand damage to the industry and your organisation. Even your personal reputation suffers, and your relationship with the CEO and the board changes dramatically," he said.
"The biggest challenge for CIOs is the fact that you've got to run your business as bosses of IT, but you also need to take responsibility of the security of the firm," he said.
At the event, De Villiers focused on empowering CIOs rather than focusing on the fear factor associated with security. "It doesn't help much if we scare you, tell you how you're going to go to jail and how you'll lose your job, if we can't give you some idea of what you could possibly do about this," he said. De Villiers presented a dashboard that CIOs can use to report, track and monitor a company's security landscape.
While companies can use elements from the dashboard provided by De Villiers, vendors such as Microsoft are taking a more proactive approach.
According to Marius Haman from Microsoft SA's digital crimes unit, the company has taken a "different approach". "We want to make it more expensive for the cyber criminals to do what they do," says Haman, who explains investigations have shown cyber criminals use these botnets because it's a "highly profitable" method. By being able to secure confidential data from the machines infected with the malware, criminals are able to relieve their targets from their hard-earned cash.
Since 2010, Microsoft has taken down 12 botnets and Haman says the company is ramping it up. Microsoft takes control of the botnet then doesn't close it down, but rather allows the infected machines to make contact with it. This not only prevents attacks from that botnet, but also provides information showing how SA is definitely a target for cyber crime.
In a view of the last 90 days, Haman showed a visual presentation of over 175 000 hits in Johannesburg from the B-106 botnet alone. As one botnet is seized, another appears.
According to Microsoft's Cyber Security director, Robin Wright, it takes zero to five days from when a patch or update is released for new malware to be created. Wright says the best way to protect companies is to take a position of assumed breach and build the security strategy around that.
Share