DSG
Back to Market Insights
cyber-securityJanuary 20248 min read

Digital Resilience

Dedicated to building digital resilience during Cyber Security Month, this newsletter covers the evolution from e-commerce pioneers to cybersecurity specialists. Discusses AI-powered threat detection, SOAR platforms, password security with LastPass, phishing awareness with Beauceron Security, and the global shortage of 3.5 million cybersecurity professionals.

YA

Yaron Assabi

Group Founder & CEO

Digital Resilience

Photo by Digital Resilience on Pexels

Digital Resilience

I am in the Bay Area, California, on a "workcation" meeting with technology partners. I decided to dedicate this newsletter to building Digital Resilience across your business ecosystem, as it is Cyber Security Month.

Since 2004, the President of the United States and Congress have declared October Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

From E-Commerce Pioneers to Cybersecurity

As pioneers in omni-channel commerce in Africa, we were first to market with e-commerce (1998) and mobile commerce (2000), so we learnt fast that internet fraud is a sad reality, and we need to build Digital Resilience in our business ecosystem.

Digitalmall.com was responsible for the first internet fraud arrest in South Africa. As we gained popularity, every 4th transaction in those days was a fraudulent attempt. These early lessons led to us launching a dedicated cybersecurity company in 2018, which we named Digital Resilience.

Resilience Over Prevention

The goal of business should not just be to prevent unauthorised penetration, as it is almost too ambitious, but the focus should be to be resilient under attack. The threat landscape is constantly evolving, so it's crucial to leverage Artificial Intelligence (AI) to analyse user behaviour and quickly detect threats.

Resilient companies quickly identify the unauthorised actor and limit the impact or activities of the hackers. By design, the business ecosystem architecture limits the potential for damage. You can create business rules using a SOAR (security orchestration, automation and response) platform to improve the effectiveness of security operations.

We help companies build a SOC (Security Operations Centre) or offer it as a managed service. We use security orchestration to streamline people, processes and technology for greater effectiveness and efficiency.

The Cybersecurity Talent Shortage

According to Cybersecurity Ventures, the number of unfilled cybersecurity jobs worldwide grew by 350% between 2013 and 2021, from 1 million to 3.5 million. The industry predicts the same number of jobs will still be open in five years.

We need to invest in education to eliminate the "human firewall" issues that are a considerable risk. We also need to create more cybersecurity professionals and provide technical training. This challenge is an opportunity for Africa, especially because we have so many unemployed youths.

Password Security with LastPass

The first of our webinar series focused on passwords and the passwordless future with LastPass. Employee password practices remain the weakest link in a company's cyber security posture. 80% of cyber breaches are due to passwords; even worse, 85% involve a human element.

92% of people use the same password or a variation. 51% rely on their memory to keep track of passwords. 65% always or mostly still use the same password or variation. 45% of survey respondents did not change their passwords, highlighting why passwords are the leading cause of a breach.

Phishing Awareness with Beauceron Security

Our second webinar with Beauceron Security covered phishing and focused on creating a positive security awareness culture within businesses. Phishing is a strategy by cyber criminals to obtain personal or professional data through email, social media conversations or banner ads.

We covered how to build an effective simulation program using the NIST Phish Scale framework. It is tough to get to a 0% click rate on phishing, but the program can help reduce clicks drastically, aiming for a click rate target of more than 1% and less than 5%.

We use automated randomization of templates to reduce bias and make it easy for employees to report phishing and reward that behaviour. Both platforms offer gamification and score individuals, business units and overall companies to measure effectiveness.

At DSG, we take security very seriously and insist that employees keep their LastPass score above 80%, that Beauceron courses are used regularly, and phishing simulations are conducted. It is about repetition and ongoing exercises that lead to lower risk.

#DoingSomethingGreat is making Digital Resilience a focus in your business.