Implementing measures to prevent a cyberattack from happening in the first place should be a top priority for companies.
As the coronavirus forces more people globally to work from home, we are becoming increasingly reliant on technology to live, work and play. However, many organisations are ill-equipped to deal with employees working remotely and the cybersecurity risks that come with it.
With the commencement of South Africa's Protection of Personal Information Act, 2013 (POPIA) on 1 July 2020, it has never been more important to ensure the security of organisational data. How can companies protect themselves from this scourge? One way is by implementing the global standards set out in ISO Standards 27001, 27005 and 27032.
Unintentional and intentional human actions
In response to the ever-changing and complex nature of work and systems, organisations have a wide array of systems, controls, processes and procedures to safeguard client data and company intellectual property, such as firewalls, regular password changes and multi-factor authentication. However, these safeguards can be rendered ineffective if employees compromise them by, for example, accessing websites that are infected with viruses.
Occasionally, and perhaps due to economic pressures experienced by staff (especially during the pandemic), employees may also find...