INTELLIGENT BRANDS // Enterprise Security
that they bring. “A comprehensive
cyberattack insurance cover is
essential for any organisation, as no
one is safe from attacks. It is also
a major challenge for insurance
companies, as attacks are not specific
to any sector or business.”
Traditionally, insurance companies
have been responsible for managing
risks, but because cybercrime is
becoming more dangerous and
damaging, a holistic and measured
approach is needed to fight it.
“In the face of insurers facing an
all-time low retention rate, backed
by growing customer demand and
rising concerns about cybercrime,
it is time that they adapt their
systems accordingly in the fight
against cybercrime. MyCybercare
bridges the gap, providing individuals
and businesses alike insurance
against loss of funds as a result of
cybercrime, while enabling insurers
to stay ahead of customer needs,”
Campbell-Young says.
“We will look to expand quickly across
the globe, having recently completed
a binder agreement with a large
global underwriter. I encourage
interested parties, looking to leverage
regional growth in their relevant
geography, to make contact with me
directly,” he concludes. n
“It is
crucial that
businesses
keep up with
times in terms
of technology
when it comes
to managing
cyberthreats.”
www.intelligentcio.com
The rise of Security
as a Service in the
evolving threat
landscape
T
he constant evolution of the global
security threat landscape is playing
a part in the rise of Cybersecurity
as a Service offerings. In addition,
the evergreen discussion around cost
modelling, namely the ‘capex vs opex’
issue, is also a factor in the promotion
of this type of service, particularly when
it comes to security approaches of
enterprises versus smaller businesses.
This is according to Anton Jacobsz,
Managing Director at value-added
reseller, Networks Unlimited, who
says, “The fact that threats are ever-
changing and mutating is driving a
massive demand for protection in the
IT landscape. However, this need calls
for a significant investment in advanced
threat protection products, such as
Distributed Denial of Service (DDoS),
Sandbox, Web Application Firewall
(WAF) and mail solutions.
“Larger enterprises can absorb the
costs of the security products and
also train their employees to manage
the technologies, and so it is easier
for them to bring cybersecurity for
the organisation into a capex model.
However, the SMME market prefers to
run according to an opex model, as
these businesses can turn services on
and off as needed at a marginal cost.
It is for this market, that the Security as
a Service model, with its flexibility and
scalability, is ideal.”
The way in which larger versus smaller
companies tackle the issue of security
in general differs substantially,
Jacobsz adds, saying, “Enterprise-
level companies have wholeheartedly
invested in a holistic approach to
security. This is driven predominantly
by the advanced knowledge, recourses
and budget to deploy end-to-end
solutions. Enterprises are also more
cognisant of the various Acts that
are enforceable within South Africa,
such as the Protection of Personal
Information Act (POPI) or the National
Credit Act (NCA).
“In contrast, the SMME market follows
a different approach, with different IT
challenges and approaches, and their
plans are driven by budget. Typically,
many of them would start off by
protecting the edge of the network, and
then work their way across the platforms.”
However, it is important for any business
owner to be aware that a smaller
organisation’s reduced size compared to
a larger global entity does not necessarily
protect it against a cyberattack.
Jacobsz notes that many SMMEs think
they won’t be affected by ransomware
or any other type of hacking threat,
because they are not large enough to
matter to hackers. He clarifies, “Real
ransomware enforces one simple
underlying outcome: to make money,
the ‘from whom’ does not matter. A
ransom is a small amount paid in bitcoin
for its untraceable capabilities.
“All South African companies should
fear a cyberattack. This includes both
direct attacks, where your business
infrastructure has been studied for
weaknesses, and indirect, where your
business may not be the goal, but as the
weakest link in the security chain it is a
means to an end to attack the actual
target – be it a supplier or client.”
According to Jacobsz, we further need to
remember that network security requires
a multi-pronged approach, as modern-
day networks are borderless. “With
threats coming from all over the world,
this means that cybersecurity by nature
must be a continually evolving field.” n
INTELLIGENTCIO
55