South African firms are paying an average of R18 million to ransomware attackers and, following that action, it can take between one and six months for the business to recover fully from the attack.“This means that from a cybersecurity perspective, South Africa is the fifth worst country in the world,” said Rashika Ramlal, public sector country lead for South Africa at AWS, in her address at the ITWeb Security Summit Cape Town.
First, you need to embed security into every aspect of the business, Ramlal said. “You cannot run security as a project or a programme. It needs to be a core function of your business. It must run as part of your broader operations.” To win over the leadership team, demonstrate the potential impact of an attack – be it on customers or business operations – because impact can very easily be linked to the business’ bottom line, she said.