As digital transformation continues to accelerate, driven in large by the ongoing COVID-19 pandemic, organisations can no longer depend on a traditional network and perimeter-based approach to cybersecurity to protect their critical data.
With the adoption of the Work from Home (WFH) culture, organisations have to deal with distributed workforces and architecture. This means traditional boundaries are becoming increasingly blurred and IT environments can no longer be protected by a well-defined perimeter. Unfortunately, the upshot is a significant increased cybersecurity risk for organisations. The problem is further compounded by changing user behaviour, different demands placed on IT systems and the ever-increasing importance for remote workforces to be able to use, create and share sensitive data.
As a result, a mesh approach to cybersecurity is far more comprehensive and relevant in the digital era. This calls for us to move away from a perimeter-based security stance and into an environment where location and user behaviour pose the biggest challenges to security. A cybersecurity mesh is a distributed architectural approach to scalable, flexible and reliable security control. As many assets now reside outside the traditional security perimeter, the cybersecurity mesh allows for the security perimeter to be defined around the identity of a person or device.
While this is not a new concept, it is becoming increasingly relevant in the modern era where cyber threats are no longer positioned to breach the perimeter. They now reside within an organisation’s distributed environment and can be awoken at any time.
Unfortunately, cybersecurity remains an afterthought for many local organisations, both in the private and public sectors, bestowing upon us the dubious honour of being the third most attacked country in the world. We still have a very long way to go, not only in terms of how we adopt cybersecurity technology, but also in terms of governance and compliance with laws and regulations.
Due to South Africa finding itself at such a nascent stage in terms of cybersecurity, data breaches and ransomware attacks against organisations have become all too commonplace, especially over the past two years. Yet, these attacks can be avoided or mitigated to some extent if local organisations place greater focus on adopting a cybersecurity mesh approach.
While cyberattacks can never be fully eradicated or avoided, complex cybersecurity architecture can make it more difficult for hackers to strike and can slow down an attack, alerting an organisation that it is under threat and giving it time to react.
Hence, the modern enterprise should strive to adopt a holistic approach to cybersecurity. This is not only based on technology, but also on awareness and adherence to internal policies, as well as laws and regulations specific to the industries and countries within which they operate. In addition, cybersecurity strategies should not only focus on the protection of technology and devices but be designed to protect the movement and consumption of data inside and outside of the organisation.
We must keep in mind that cybercriminals are always at least two steps ahead and will more likely attack a softer target that is easier to crack. Organisations that adopt a complete cybersecurity mesh approach and construct a full lifecycle cybersecurity strategy will at least be able to delay and avoid attacks better than those that take it less seriously.
While some South African organisations have good cybersecurity strategies in place, most do not. It is perhaps human nature to not invest heavily in cybersecurity, as it produces no tangible returns, so many see cybersecurity as not much more than an insurance policy which they hope they will never have to use. As a country, we still have much to do in this space.