Emergency: 0861 222 250 info@orchidrisk.co.za

South Africa is seeing an uptick in the number of cyber crimes reported in the country. According to Sophos’ The State of Ransomware in South Africa 2023 report, most (78%) South African organisations were hit by a ransomware attack last year. The number of ransomware attacks in South Africa was far higher than the 66% recorded for global respondents over the same period. Moreover, in South Africa, increased load shedding and the new work-from-home systems have increased the number of cyber crimes. Gerhard Swart, the chief technology officer at cyber security firm Performanta, said that hybrid work systems and work-from-home setups have encouraged bad security habits, such as weak passwords, the reuse of passwords and sharing of passwords between colleagues.

 

In addition, load shedding also causes people to swing between access points based on timing and location, opening their systems up to bad actors. There are also many other ways in which employees expose their company to potential digital threats. KnowBe4, a security awareness training and simulated phishing platform, provided the top 10 most risky behaviours that employees engage with on their work devices.

  • Entertainment domain/streaming services
  • Gaming website
  • Greymail
  • Adult website
  • Unauthorised or malicious application
  • Risky website detected
  • Unauthorised removable media
  • Sharing of personal identifiable information (PII)
  • Cloud backup or cloud storage
  • Malicious email attachment opened

 

According to the 2022 Verizon Data Breach Investigations Report, 82% of data breaches are caused by human error, but only 3% of IT spending is spent on addressing the human factor. “With the proliferation of social engineering attacks, employees continue to be the biggest risk factor,” said Stu Sjouwerman, CEO, KnowBe4. “However, with proper training and coaching, they can become a human firewall and your last line of defence. These findings from our new SecurityCoach product are definitely concerning and reiterate the importance of developing a strong security culture.”

 

Article by: businesstech.co.za Image via: unsplash.com