Content Hub Image Copy

Protect Your Digital Assets Against Data Breaches.

Data breaches have become a prevalent and concerning threat for organisations across all industries, particularly financial services companies. A data breach occurs when there are reasonable grounds to believe that any unauthorised person gains access to or acquires the personal information of a data subject. Personal information can include sensitive or confidential information, such as customer data, financial records, or intellectual property. These breaches can have far-reaching consequences, affecting not only the organisation’s reputation and financial stability but also the privacy and security of employees, clients, and individuals whose information has been compromised.

You Are Your Organisation’s Best Defence Against Cyberattacks.

The term ‘human firewall’ has become commonplace because people have an important role to play in ensuring that hackers and cybercriminals don’t breach a company’s network and exfiltrate data. A few small, smart moves and habits by you could keep your organisation’s data safe.

Data breaches can be a major source of stress for the victims and may lead to them to feeling vulnerable and even distrustful of online platforms.

It would be lovely to think that South African institutions are not as enticing as large American or European institutions, but that’s simply not true. In fact, South Africa is the sixth most targeted nation worldwide for cyberattacks. How you work online, your password hygiene and how vigilant you are against phishing attempts matters. Consider some of the recent hacks South African businesses (and people) have suffered:

TransUnion hack (2022): Cybercrime group N4ughtySecTU demanded $15 million (R223 million) ransom over four terabytes of compromised data. The group also claimed it had accessed 54 million personal records of South Africans, including the personal details of President Cyril Ramaphosa.

Dis-Chem (2022): Dis-Chem’s third-party service provider, Grapevine, suffered a brute force attack by an unauthorised party. A brute force attack is aimed at cracking a password by continuously trying different combinations until the right character combination is found. 3.6 million client email addresses were stolen.

Experian (2020): Experian handed over personal information of their South African customers to a fraudulent client. Approximately 24 million individuals and around 793,000 local businesses were impacted. These data leaks highlighted the importance of data security and the need for organisations to prioritise the protection of users’ personal information and for employees to remain vigilant.

What can you do to prevent a data breach?

You play a vital role in preventing data breaches, especially when working in a hybrid context. Here are some actions you can take to prevent a data breach from your device:

Adhere to security policies and procedures

Familiarise yourself with the data security policies, procedures, and guidelines, and adhere to them consistently. This includes using approved devices, software, and communication tools, as well as following best practices for data protection and privacy.

Use secure networks

When working remotely, connect to secure and trusted networks, such as your home Wi-Fi network or a company-provided VPN (virtual private network). Avoid using public Wi-Fi networks or unsecured connections, as they can increase the risk of unauthorised access and data interception.

Keep devices secure

Ensure that your work devices, including laptops, desktops, smartphones, and tablets, are always kept secure. Use strong passwords or biometric authentication to secure device access, enable encryption for data storage, and install security updates and patches regularly to address known vulnerabilities.

Practice safe email and web browsing

Exercise caution when opening email attachments, clicking on links, or visiting websites, especially if they appear suspicious or unsolicited. Be wary of phishing emails, social engineering tactics, and malicious websites designed to trick you into disclosing sensitive information or installing malware on your device.

Secure data storage and transmission

Use secure methods for storing and transmitting sensitive data, such as encrypted file storage and secure file transfer protocols. Avoid storing sensitive information on unsecured cloud services or sharing it via unencrypted channels, as this could expose it to unauthorised access or interception.

Stay vigilant against social engineering

Be alert to social engineering tactics used by cybercriminals to manipulate individuals into divulging confidential information or compromising security controls. Verify the identity of unknown contacts or requests, avoid sharing sensitive information over unsecured channels, and report any suspicious activity to the Cybersecurity team.

Conclusion: Report security incidents promptly

If you suspect that your device has been compromised or notice any unusual activity that could indicate a potential security incident, report it immediately to the Cybersecurity team or helpdesk. Prompt reporting allows for timely investigation and remediation of security incidents, which helps to minimise the impact of data breaches.

By understanding the importance of data security and your role in protecting sensitive information, you can contribute to a culture of cybersecurity awareness and resilience which Sasfin has taken proactive measures in mitigating the risks associated with data breaches and ensuring the trust and confidence of clients and stakeholders alike. Embracing a proactive approach to cybersecurity can significantly reduce the likelihood of a data breach, fostering a safer digital environment for everyone involved.

About the Author

Del van Rooyen
Chief Information Security Officer, Sasfin Holdings Limited

> }

Offcanvas Title

Default content goes here.