A Cybersecurity roadmap for the future

Chief Security Officer at Rapid7, Dr Jaya Baloo
Chief Security Officer at Rapid7, Dr Jaya Baloo

Cybersecurity: Protecting our digital future

A multi-pronged approach to cybersecurity is essential, including strong authentication, regular data backups, security awareness and collaborative threat sharing across organisations to secure the increasingly vulnerable digital landscape, attendees heard at the SingularityU South Africa Summit 2024.

World-renowned cybersecurity expert and Chief Security Officer at Rapid7, Dr Jaya Baloo, returned to the SingularityU South Africa Summit 2024 stage once again this year to share her insights on how to guard the digital frontier during her talk ‘Cybersecurity for our future: Innovating tomorrow by securing for today’. Over the last six years of the annual summit, her talks have been some of the most widely attended. This year was no different. This year, the summit is being held in collaboration with Old Mutual.

The lines between cybersecurity, military operations, and civilian activity are becoming increasingly blurred, Dr Baloo explained.

 “Global conflicts that used to be limited to traditional warfare are now turning into cyber wars, with regular civilians getting involved,” Baloo said as she cited examples from recent conflicts, such as the involvement of hacker groups affiliated with Anonymous in the Israel-Hamas clashes, and the co-opting of cybercriminal gangs by Russia to carry out state-sponsored hacking operations. “It’s hard to tell these days whether the attackers are state actors, cyber criminals, or a combination of both,” she added.

One particularly concerning trend is the ease with which anyone can launch distributed denial-of-service (DDoS) attacks using readily available online services because “the internet was never built with security in mind, and that’s why these kinds of attacks are possible”.

See also  Djibouti Forum wraps up with promising agreements, optimism about economic prospects

These virtual attacks have real consequences, not just on individuals but on nations and parastatals too. She pointed to the Stuxnet attack on an Iranian nuclear facility in 2010, and the 2015-2016 attack on Ukraine’s energy grid, which resulted in nationwide blackouts. These incidents illustrate how cyber warfare can cause tangible, real-world damage.

Ransomware has been the single biggest threat to organisations over the past five years, according to Europol’s Internet Organised Crime Threat Assessment. There are over 600 types of so-called ‘ransomware families’. Small- and medium-sized businesses are particularly vulnerable, with the average financial impact of a data breach in South Africa ranging from R100 000 to R10 million.

Therefore, it’s essential for everyone, individuals included, to have a multi-pronged approach to address these cybersecurity challenges. Dr Baloo called on governments to hold vendors accountable for secure-by-design products.

Her key cybersecurity takeaways were:

  1. Implement multi-factor authentication and passkeys on all personal and professional devices, as well as online services and accounts.
  2. Back up data online and offline regularly to mitigate the impact of attacks like ransomware, which can hold data hostage.
  3. Choose a reliable antivirus/EDR solution.
  4. Focus on security awareness, visibility and rapid response.
  5. Diversify your vendors and suppliers to improve cybersecurity resilience.
  6. Improve threat and incident sharing among organisations to improve transparency and the collective ability to respond to cyber threats.

“We need to change the odds in our favour,” Dr Baloo concluded. “Cybersecurity is no longer just an IT problem – it’s a critical issue that affects us all, and we need to work together to fix it.”