Traffic from wireless and mobile devices poses a big threat, especially for the Kenyan market. FILE PHOTO | NMG
I recently came across a captioned image on social media where a
young man is being interviewed at an IT firm and the dreaded question
came up “So what makes you suitable for this job? To which he responds,
“I hacked your computer and invited myself”.
I can
only imagine the interviewers’ bewilderment at his audacity or fear of
what else the young man may have uncovered from the organisation if not
the contents of their inboxes.
Post the interview, I
see management summoning the relevant parties to ascertain the validity
of the young man’s claim, most likely in two ways. The first and obvious
one would be a denial that the organisation’s cybersecurity apparatus
was indeed compromised or go into a state of panic — scrutinizing,
acquiring and spending on different solutions to mitigate any related
incident in the future.
The above scenario has become
an all too familiar headache for Kenyan businesses that are now on the
edge from accelerated risks in and outside the organisation.
In
reaction, businesses procure multiple cybersecurity solutions that work
well on their own but fail to offer wholesome security, further
exposing the business to unforeseen risks.
When you
look at the rush to secure businesses, seldom have I come across
organisations dedicated to staff training and education on their
spending spree. The conversation almost always revolves around what
hardware or software is required, at what cost but overlooks the
greatest software that is our people, what they know and what they can
do.
When a security breach occurs, it is commonplace to
assume that it originates from a foreign country or is the resultant
failure by technology. The reality of this, however, is that regardless
of the magnitude of a security breach, it could be a result of the
actions of someone within the organisation unknowingly facilitating it
or through ill intent.
In the last few years’, Kenya has recorded increased global IP
traffic and a growing consumer appetite for all things technology,
increasing unforeseen vulnerability for consumers, their workplaces and
other enterprises that they interact with.
More
recently, the Immigration Department put out an advisory against some
“scam e-visa application websites”, defrauding people of money and while
mining sensitive and crucial data.
Today, traffic from
wireless and mobile devices poses a big threat, especially for the
Kenyan market given the integration between mobile banking and mobile
money systems — a unique case that could cause the rise of specific
threats.
While there has been growing appreciation of
the significance of cybersecurity planning by Kenyan businesses,
compliance and certification are good to have but they are not a
solution to cyber threats.
What each business and the
industry at large require is an unmatched appreciation of the role of
our staff in combating cyber threats, it is a habit that needs to be
ingrained in each of our organisational cultures just like we consider a
firm handshake and a smile; It is our only way of building
cybersecurity discipline.
Dr Bright Gameli is Head of cybersecurity services at Internet Solutions Kenya.
No comments :
Post a Comment