Over the last two years cybercrime attacks have increased dramatically.
In its latest State of Email Security 2022 report, Mimecast surveyed 1 400 IT and cybersecurity professionals across twelve countries and what it found was cause for concern.
The headline here is that cybercrime affects every company no matter how big or small.
“Ninety-four percent of South African companies have been targeted by an email-related phishing attack in the past year, with nearly two-thirds citing an increase in such attacks,” cybersecurity expert at Mimecsat, Brian Pinnock said in a statement.
“The cost of ransomware attacks are also piling up, with three in five organisations (60%) citing damage from a ransomware attack – up from less than half (47%) in 2020. And of companies paying the ransom, the average ransomware payment breached R3.2-million, despite nearly half (43%) of such payments resulting in companies being unable to recover their data,” adds Pinnock.
Those ransomware payments would be better spent on cyber resilience. As many as 97 percent of respondents from South African organisations stated they have been negatively affected by a lack of budget for cyber resilience efforts.
This creates something of a vicious cycle because without adequate budget, more incidents are likely to occur. Further to this, Mimecast found that 49 percent of organisations surveyed had experienced business disruptions due to lack of preparedness, 48 percent experienced data loss and 42 percent saw an impact on employee productivity.
“There is an important conversation to be had in the boardrooms of corporate South Africa,” says Pinnock. “Without adequate budget allocation, our public and private sectors will continue to be vulnerable to attack, at great cost to organisations and their customers.”
After suffering a cyber attack, companies experience 11 days of downtime on average but 10 percent of survey respondents reported downtime of more than three weeks. This amount of time can cripple organisations
What is interesting to note is that 46 percent of organisations believe that they will see an improvement in their cybersecurity because of government mandates such as the Protection of Personal Information Acts and the Cybercrimes Act.
However, cyber resilience doesn’t just automatically follow government mandates and companies must invest in their protection. Without adequate budget, vulnerabilities will fester until they create a massive hole for ne’er-do-wells to slip through.
“Allocating adequate budgets, implementing effective technologies and controls, and instilling a culture of cyber awareness throughout the organisation, all build toward greater cyber resilience and can help companies prevent and recover faster from cyberattacks. In light of the continued global instability and increasingly disruptive business environment, organisations will need to urgently address shortcomings in their cyber resilience efforts – or risk suffering devastating consequences,” Pinnock concludes.
You can find Mimecast’s State of Email Security 2022 report here.
[Image – CC 0 Pixabay]