Subscribe
About
  • Home
  • /
  • Security
  • /
  • The top threats of 2022 (and how to fight them)

The top threats of 2022 (and how to fight them)

Kirsten Doyle
By Kirsten Doyle, ITWeb contributor.
Johannesburg, 25 May 2022
Jayson O'Reilly, general manager, Atvance Intellect Cybersecurity.
Jayson O'Reilly, general manager, Atvance Intellect Cybersecurity.

Today’s threat landscape is a complex one, riddled with sophisticated threats, and determined adversaries.

ITWeb Security Summit 2022 JHB: 31 May - 2 June; Cape Town: 6 June

The annual gathering of cyber security decision makers will feature experts from across the globe, who will discuss the most critical issues facing businesses today.

Book your seat now to get up to speed on cyber security trends, solutions and best practices.
For Joburg, go here.
For Cape town, go here.

For one, social engineering is on the rise, as is phishing, smishing, and vishing. At the same time, the use of deepfake capabilities continues to grow, bringing zero-day malware payloads to unsuspecting users, and enabling personal and business credentials to be used to gain access to organisation systems.

So says Jayson O'Reilly, general manager, Atvance Intellect Cybersecurity, adding that business email compromise has caused significant losses for companies over the last two years, and will continue to present a major challenge to organisations going forward.

“Third-party risks will continue to plague many organisations as too many supply chain partners do not have the same budgets or skills required to protect customer information or intellectual property,” he adds.

“Also, using APIs as an attack vector continues to be a focus area for threat actors, as most businesses today cannot function without a connection to the Internet or the applications they use to deliver capabilities to their consumers. This threat vector is not considered in many organisations and hence attackers are taking advantage.”

According to O’Reilly, complex cyber technology deployments in many more mature client environments enable the noise of alerts and events to bedazzle efforts to prevent data breaches. “Similarly, silos created within teams, and across the business, still allow bad actors to reach the crown jewels without much effort.”

Accountability cannot be outsourced to any third party.

Jayson O'Reilly, Atvance Intellect Cybersecurity.

When it comes to fighting these threats, O’Reilly says it’s important to understand that cyber risks are critical risks for every organisation today, and owners and board members need to be fully aware of this. 

“It's not only the finance sector that is being targeted. In fact, malefactors often prefer to focus on less cyber mature organisations before attacking financial organisations who spend millions on controls and people.”

Steps to take

O’Reilly suggests several steps to help prevent cyber attacks. 

“Firstly, ensure that organisational cyber risk culture is enabled. Every employee should fully grasp their role they play in the success or demise of the business, when it comes to how the Internet is used in the company.”

Next, O’Reilly says to ensure that the business has the correct skills or trusted service providers. "Internal processes, technology, and validation need also to be in place to ensure the business risk level is adhered to and can be demonstrated everyday.”

Thirdly, he says to ensure accountability. “The executive or owner is always 100% accountable should anything happen to the business. Accountability cannot be outsourced to any third party and both POPIA and the Cyber Security Act are there to ensure we create a safer digital economy for all citizens and business.”

O’Reilly will be presenting on “The role of AI and ML in cybersecurity”, at the Cape Town leg of the ITWeb Security Summit 2022, to be held at Century City on 6 June.

Share