Cybersecurity expert at Mimecast, Mikey Molfessis, tells the Business hour, “detections of impersonation attacks, known and unknown malware, spam and blocked clicks increased by 41% in sub-Saharan Africa from 2019 to 2020”,  and the situation does not appear to be improving. With the implementation of the newly greenlit versions of the Protection of Personal Information Act (POPIA) coming in June 2021, Molfessis, stresses the importance of businesses investing in tightening their cybersecurity.

He says when a company is faced with a cyberattack, this results in reputational damage. Clientele realise that handing over their data to an organisation that is vulnerable to hackers is problematic to say the least. Furthermore, Molfessis says their studies reveal that it takes, roughly three days for an organisation to retrieve hacked data from criminals, resulting in a loss in productivity. He says this ultimately translates to a loss in money as well, because businesses are unable to process certain transactions or access key information during the attack.

With specific reference to the Protection of Personal Information Act (POPIA), the Mimecast expert says it is import for companies/businesses to have cyber resilient strategies in place. This doesn’t mean that they can be penalised if they’re hacked, it only means they need to have a planning, response and method of recovery strategy in place, in case such a thing does befall an institution.

Molfessis concludes the conversation by advising all South Africans to create complex passwords, to not use the same password on different sites and utilise multi-factor authentication where it is possible.

He says everyone should always have a backup of their data in three different places, “in two different environments, one of which being off-site”. 

“As we observed World Backup Day on March 31st, it is an opportune time to better understand the role that data backups and archiving can play in enhancing an organisation's cyber resilience. With the right solutions in place, organisations are more like to recover from a successful attack, with minimal interruption to the business, its employees and its customers” says Molfessis.