With cybersecurity threats on the rise, a report by the CSIR Information and Cybersecurity Research Centre found that South African public sector organisations face significant vulnerabilities to cybercrime.
The “Cybersecurity Resilience of South Africa’s Public Sector” report surveyed over 1 200 organisations and individuals nationwide.
The report, released in April, revealed that while the country is grappling with cybercriminals, many organisations have been able to respond to the challenges at hand.
According to the survey, malware and phishing attacks are the most common cyber threats faced by these institutions, as 47% of respondents said they experienced between one and five cybercrimes in the past year.
The survey reported that 56% of public institutions experienced malware attacks, while 55% accounted for phishing attacks.
However, it highlighted that insider (38%) and social engineering (37%) attacks are slowly on the rise.
The report indicated that the public sector responded well to cyber attacks, by showing effective preparedness for possible cyber crimes.
It was found that 89% of public institutions have a formal cybersecurity incident response plan in place, while 41% said they assess and monitor cyber threats daily.
The CSIR report further stated 95% of organisations said they have a data backup and recovery plan in place in case of future cyber threats.
In addition, 86% of organisations conduct regular vulnerability testing, while a concerning 14% said they don’t, which increases their susceptibility to cyber attacks, as criminals are more likely to compromise their systems.
Seventy-eight percent of organisations use anti-malware and antivirus software as a preventative measure against malware and ransomware attacks.
Meanwhile, 76% of organisations use encryption to protect sensitive company data, while access controls lagged with 75%, and 61% used data classification.
Despite companies being well prepared for cyber crimes, the survey reported a growing concern around cybersecurity awareness training for employees.
Thirty-two percent of organisations trained between one and 25% of employees for cybersecurity awareness, while 29% respondents trained between 25 and 50% of their employees, 14% said they trained more than 75% of workers, and 7% said they did not train workers.
Chief technology officer at Performanta, a cybersecurity company, Gerhard Swart, noted the report helped reflect on the state of cybersecurity in the organisations, including the private sector.
“The public sector has unique or amplified challenges that differ from private sector companies, but when you look at various research, the findings here are similar to what many organisations are facing. For example, all sectors have issues with filling cybersecurity roles, and criminals frequently target their data systems,” said Swart.
He applauded organisations for being cautious about cybersecurity; however, visibility remained a cybersecurity key challenge.
“Modern technology systems are complex, especially when they integrate, a situation that became more acute through rapid digitisation during the pandemic years. Security teams have much more to monitor, complicated by a growing flood of alerts and reports generated by those vast technology estates,” said Swart.
“Mean time to respond (MTTR) is the best rule of thumb to evaluate an organisation’s cybersecurity effectiveness. It represents their monitoring, capacity, user awareness, planning, policies, and technology. It’s also a great way to measure security providers.”
Swart said that modern risk-first frameworks also help providers to radically reduce response times.
“Frameworks such as ‘Continuous Threat Exposure Management’ (CTEM), have enabled leading security providers to build more advanced security systems that address the market’s current challenges. With risk-focused strategies and security partners that can guide those efforts, SA will start turning the tide against online criminals,” said Swart.
The Star