The constantly shifting and evolving landscape of cybersecurity is keeping business executives awake at night and waiting for the phone call requiring immediate action by the organisation’s IT and cybersecurity teams – with a knot of uncertainty as to what damage to expect.

It has necessitated the Chief Information Security Officer’s (CISO) focus to shift outside of their own business and into all levels of the supply chain, having to stay on top of supply chain developments; particularly monitoring those who have either not grasped the importance of cybersecurity or simply don’t have size, budget or expertise to have a competent and compliance-acceptable level of security.

Hair-raising statistics demand a proactive cybersecurity approach. Statistics such as those recently reported by cybersecurity firm, Check Point, reveal that over the past six months, on average a typical South African organisation was targeted by cyber criminals 1 001 times per week. The Council for Scientific and Industrial Research (CSIR) states that South Africa is the most targeted nation in Africa for cyber-attacks and takes eighth place globally. The global cost of attacks is estimated to increase by 19% from 2023 to around $9.5 trillion in 2024 alone.

Rapid technological advancements are impacting on the cybersecurity stage, both positively and negatively, and cyber threat actor sophistication is increasing on a daily basis. Cybersecurity executives and professionals can’t limit or ban the tools that cybercriminals use against the same tools enterprises also use to counter their efforts. They can only try to stay ahead in tool development and mindshift changes, in terms of platform and frame work implementation.

BCX is seeing, for example, a shift away from traditional perimeter-based security or organisations deploying only the most useful and effective perimeter security technologies, because elements of perimeter- based security are becoming obsolete.

Users are increasingly accessing resources from outside the network and cyber threat actors are finding new and creative ways of moving into and around a network. This shift is in favour of a zero-trust model that can offer more robust protection.

Savvy CISOs know they can deploy proactive protection methods, such as threat hunting, endpoint and network monitoring and constant or periodic penetration and vulnerability testing, to counter the growing attack surface.

Only proactive efforts and robust measures can prevent organisations falling victims to cyber attacks, including addressing employees and users – the weakest links in the chain – alongside emails, which are the most vulnerable door into an organisation’s IT infrastructure. Phishing, malware, identity theft and social engineering tactics are constantly getting more intelligent. Ever-advancing ransomware tactics and geo-political tensions are also influencing the situation.

Complexities are exacerbated by AI and machine learning. Conversely, AI is increasingly being used by organisations to mitigate risks, playing a crucial role in enhancing cybersecurity by providing advanced capabilities for threat detection, prevention, and response.

Recent research has demonstrated that AI-powered risk analysis can produce incident summaries for high-fidelity alerts and automate incident responses, accelerating alert investigations and triage by an average of 55%. AI models can help balance security with user experience by analysing the risk of each login attempt and verifying users through behavioural data, simplifying access for verified users and reducing the cost of fraud by up to 90%.

AI helps prevent phishing, malware and other malicious activities, ensuring a high security posture. However implementing AI in cybersecurity requires ongoing training and adaptation of models to keep pace with evolving threats.

AI’s efficacy is enhanced when integrated into a comprehensive cybersecurity strategy that combines AI-driven solutions with human expertise. At its essence, it needs the human touch.

Predictive risk assessment has advanced significantly thanks to AI-powered data analytics, which can aid in the development of business continuity and disaster recovery plans, using machine learning algorithms and data processing power to glean insight from large data sets; contributing positively to an organisation’s risk posture. Effective incident recovery plans have proven their worth and these extend beyond cybersecurity into other risks, such as fire, flood, breakdowns and power failures. Even if plans don’t always work, not having something in place is short-sighted. These feed into conformity with reporting legislated around governance, regulatory and compliance requirements, which are in a state of flux as the business cybersecurity environment and expectations of businesses to be socially responsible become more demanding.

It’s anticipated that with changing regulatory and compliance requirements, reporting will become more insistent upon coherent, tangible and transparent feedback in order to be able to be called into question and managed by all stakeholders within and outside an organisation.

Industry experts continually stress to all public and private sector organisations the importance of constantly rethinking their cybersecurity strategies, roadmaps and investments to protect the confidentiality, integrity, digital assets and availability of critical information. This, in itself, presents challenges that can vary depending upon the size of the organisation, its industry, and the complexity of its IT infrastructure. This is where BCX can step in and help with a holistic approach that encompasses continuous assessment, adaptation, and collaboration across different departments within the organisation.

The objective versus subjective can be invaluable when it comes to a cybersecurity posture and external expertise with a depth of resources – like BCX has – supports an organisation, regardless of size and IT infrastructure, to stay informed about the latest cybersecurity trends and technologies.

BCX can help with either the end-to-end security needs of an organisation, or offer a hybrid approach with organisations selecting only what they want to use – whatever is the best-fit. Its service and solutions includes the internal detection, investigation and unsuccessful intrusion and access of threat actor attacks and can also address organisational concerns around external digital assets.

BCX’s Threat Defence Centre (TDC) acts as a centralised function within an organisation, employing people, processes, and technology to continuously monitor and improve security posture, providing a 360 degree view of the digital landscape. 

www.bcx.co.za