A case in point is the new operating model of hyper-distributed environments. These environments can open up many fresh attack surfaces and vulnerabilities if not properly secured. A study by the Interpol African Cyber Threat Assessment Report highlighted 72 million threat detections in 2021.
Cybercriminals continue to evolve their ability to exploit vulnerabilities as they emerge. As more data and workloads go digital, the surface area for attack increases. Also, as more systems rely on complex and integrated supply chains, they become more easily accessible targets.
Understandably, we see more investment in advanced threat prevention technology. A report by statica.com shows that commercial cyber security revenue in Kenya is seen to rise over the years, with the 2022 spending estimated at Sh56.6 billion in 2022, up from Sh53 billion in 2021.
According to the Kenya National Bureau of Statistics (KNBS), cybersecurity advisories issued to companies increased by a staggering 3,693% from 81,727 in 2020 to 3.1 million advisories in 2021.
This uptick can be attributed to more people opting to work from home, necessitated by the Covid-19 pandemic. The increased advisories were facilitated by new systems to detect cybercrimes installed.
Now is the time to address security, risk, and compliance gaps before they grow any wider.
Security obstacles within organizations
The alarming truth is that most organizations remain underprepared. As digital transformation continues to grow in Kenya, the year 2022 is projected to witness an increase in cyber-attacks as well. According to CIO Africa, this is because ransomware and phishing attacks guarantee access to various data.
When ransomware attacks constantly happen in a matter of weeks, it can easily bring an organization to its knees. Against this backdrop, addressing four broad security obstacles within organizations is critical.
First, there is a misconception that only certain-sized businesses or industries are targeted for cyber-attacks. Organizations overlook their security planning and only focus on preventing an attack. Although it is important to be resilient to such attacks, organizations must operate with the assumption that an attack is just a matter of time, despite the best defences possible, and have a rapid recovery strategy in place.
Second, as organizations hasten their digital transformation pace, many make rapid technology changes without considering the security implications. In this data era, security transformation must accompany digital transformation.
Third, security applications have long been bolted-on, and some have been an afterthought when creating new technologies. Often, security integration is not considered until after applications and processes have been developed, and then the framework is adapted to fit over existing operations as best it can.
Fourth, security is far too siloed – that is, it is defined within the confines of different development teams, each building to their narrow functional lens, so it doesn’t play well across an organization.
Security has to be purpose-built to detect and mitigate threats, aligned with overall business objectives.
Fortifying your security strategy
Securing data, applications, and devices calls for a more mature approach that leverages innovative technologies for scale and intelligence, aligns around the business rather than the threats, is proactive in recovery planning, and defends the organization as a whole rather than in silos.
To protect against and be resilient in the face of cyber threats, we recommend organizations consider three fundamentals.
Protect data and systems
The first step in fortifying with modern security is to re-think how you protect data and systems. It starts with trusted infrastructure that takes an intrinsic security approach. This means the infrastructure is secure by design and doesn’t introduce risk into your environment.
Security must be built-in. To the extent possible, it should evolve from using security applications as patches and instead be designed to be native to the architecture it will protect. It should use devices, firmware, and processes intrinsically engineered for security from the start.
Enhance cyber resilience
In a cyber-resilient mindset, the focus shifts from defending against an attack to being resilient in the face of a cyber attack. This ensures minimal disruption and loss. It’s important to note that resiliency is not a technology but a strategy or, better yet, an outcome.
Think of it as a “ready state” for withstanding attacks that culminate from planning, technology, and discipline, so an organization knows exactly how they will act when a breach is discovered.
Therefore, threat mitigation and resiliency planning must be defined and prioritized in alignment with key business operations and services.
Business continuity planning must evolve beyond solving traditional disasters and ensure collaboration with IT teams and business stakeholders. Being cyber resilient is about focusing on what’s important to your organization and the services you provide to the market you serve.
Overcome security complexity
The final step in fortifying modern security is to overcome security complexity. Digital transformation demands we supplant manually intensive practices with automation and insights that drive better business results.
With accelerated digital transformation coupled with pandemic-driven labour shortages, it’s an ideal time to consolidate security tools and turn to automation, intelligence, and consolidation to enable scale.
Consolidating tools where possible from a select number of providers simplify your overall environment and enables more consistent governance, more predictable behaviour, and more effective threat detection and mitigation.
Within the overall cyber security strategy, there are other bodies in Kenya that work in tandem with the private sector to support these goals. These include the Kenya CyberSecurity and Forensics Association (KCSFA) which aims to promote confidence and security in cyberspace.
Within the Communications Authority is the National Kenya Computer Incident Response Team Coordination Center (National KE-CIRT/CC), which is a framework mandated to coordinate response and manage cyber security incidents nationally and work with other actors nationally and internationally.
In closing, modern security is built-in, unified, and context-driven. Building a robust security posture protects operations and helps drive business outcomes.
Therefore, organizations will benefit from modernizing their approach to cybersecurity and resilience. This, in turn, will allow them to address risks effectively and accelerate innovation.
James Karanja, Senior Presales Engineer – Kenya, Dell Technologies