Busi­nesses can no longer ig­nore cy­ber se­cu­rity

The Star (Kenya) - - News Business -

fully ap­pre­ci­ate why cy­ber­crime mer­its a ro­bust and well-co­or­di­nated se­cu­rity and pol­icy re­sponse from key stake­hold­ers, one has to look no fur­ther than the bil­lions cy­ber crim­i­nals siphon each year from the Kenyan econ­omy. Kenyan com­pa­nies con­ser­va­tively lose Sh15 bil­lion an­nu­ally to cy­ber­crime, but this fig­ure could be sig­nif­i­cantly higher, con­sid­er­ing most vic­tims are not even aware that they are vul­ner­a­ble. A re­cent re­port – State of Cy­ber­se­cu­rity in Kenya – in­di­cates that 70 per cent of Kenyan busi­nesses are vul­ner­a­ble to cy­ber­crime, yet most of them are ig­no­rant. The govern­ment has been ranked as the most vul­ner­a­ble to cy­ber crim­i­nals, ac­cord­ing to the re­port. The bank­ing sec­tor comes in at a close sec­ond, while fi­nan­cial ser­vices and mo­bile are ranked third in vul­ner­a­bil­ity, as these in­no­va­tions are now seen as new pay­ment chan­nels and on­line ser­vices that fa­cil­i­tate eas­ier ac­cess to money. The prospect of more than Sh15 bil­lion be­ing skimmed off each year through shad­owy dig­i­tal net­works is pro­foundly ter­ri­fy­ing, es­pe­cially in an eco­nomic en­vi­ron­ment where pri­vate com­pa­nies and the pub­lic sec­tor are for­ever grap­pling with acute bud­get con­straints. Part of the rea­son for the grow­ing preva­lence of cy­ber­crime in Kenya is the coun­try’s in­creas­ing digi­ti­sa­tion. The cy­ber se­cu­rity poli­cies in­sti­tuted in most Kenyan com­pa­nies don’t re­flect the mag­ni­tude, com­plex­ity and full range of risks they face. This hi­tand-miss ap­proach can be very costly. For in­stance, many or­gan­i­sa­tions have over­whelm­ingly em­braced the Bring -Your-Own-De­vice trend (BYOD) with­out fac­tor­ing in the risks. BYOD is sim­ply the pol­icy of per­mit­ting em­ploy­ees to bring per­son­ally owned mo­bile de­vices (lap­tops, tablets, and smart phones) to their work­place, and to use those de­vices to ac­cess priv­i­leged com­pany in­for­ma­tion and ap­pli­ca­tions. BYOD can help save costs and even act as an in­cen­tive to younger em­ploy­ees. How­ever, on the flip­side, BYOD can se­verely com­pro­mise cy­ber se­cu­rity. Staff can ac­cess pro­pri­etary com­pany in­for­ma­tion on their per­sonal phones, in­clud­ing pass­words, and share it with third par­ties either in­ten­tion­ally or un­know­ingly. It is ac­tu­ally no sur­prise that em­ploy­ees (in­sider threats) ac­count for 80 per cent of data-re­lated fraud in Kenya com­pa­nies. Com­pa­nies, there­fore, need to be aware of the loop­holes of the BYOD. Spe­cial­ist risk man­agers can help seal these loop­holes. No com­pany is too big to be hacked. Lead­ing US Bank J.P. Mor­gan, whose $235 bil­lion mar­ket value is more than 10 times the $20 bil­lion com­bined mar­ket value of all listed firms on the Nairobi Se­cu­ri­ties Ex­change, was not spared. Kenyan com­pa­nies need to start mak­ing sig­nif­i­cant bud­getary al­lo­ca­tions to cy­ber se­cu­rity.

Newspapers in English

Newspapers from Kenya

© PressReader. All rights reserved.