Is your data under attack? Putting customer data first

By Chris Ogden, CEO of RubiBlue

Chris Ogden is the CEO of RubiBlue and a believer in innovation and the potential of digital to redefine an organisation’s productivity and innovation. He has spent his career on the edge of digital development and is focused on building solutions that help companies achieve measurable results.

Your data is under attack. Your customer’s data is under attack. And you are the one held responsible if any of these attacks are successful. Laws like POPIA and GDPR fine companies that aren’t paying attention to cybersecurity and that haven’t put systems in place to protect the data and the business against the onslaught. And it is an onslaught. IBM’s Cost of a Data Breach Report 2021 found that there has been a 10% increase in the average total cost of a breach from $3.86 million to $4.24 million. Then, if the breach or security incident falls under the jurisdiction of the Protection of Personal Information Act (POPIA), the cost could then increase by another R10 million. 

These are not high cost events that only affect companies in other countries. This is happening to organisations of all sizes right now. It’s a rough landscape with companies struggling to find their footing and improve their security posture without crushing their budgets or losing focus on their business. 

If the business can’t afford to hire a Chief Information Security Officer (CISO) or build an in-house security team, there are some steps that can be taken to put the business on the right foundation and put customer data at the forefront of security and decision-making around security.

Focus on the cybersecurity landscape

Identify potential gaps, look at potential vulnerabilities, and pay attention to internal training and skills development. If your people can’t identify a phishing email, then it won’t matter how much security you put around the perimeter, they will let the hackers in by making a silly mistake.

Hire a hacker or a penetration (pen) testing team and offer them an incentive if they get in. They’ll do their best to breach your defences and will find every hole and issue in the process. It’s a win-win that could save you a lot of money in the long term. You also need to make sure that both your pen testing and your training are consistent. 

This has to be part of a bigger strategy and an investment into building a security culture within the company. 

Update your systems and pay attention to regulations

Update everything all the time. Today, some of the biggest breaches have been through systems that have missed a vital update. Companies like Microsoft spend billions fixing vulnerabilities and finding holes and plugging gaps so it only makes sense to use these fixes. Take ownership of the security problem and invest into the tools, training and solutions that will ensure your business is secured as tightly as possible. It may not keep the criminals out, but it may protect you from the reputational and financial costs of non-compliance. 

Finally, and extremely importantly, work with a trusted third-party service provider who can collaborate with you on assessing your compliance posture and help you to tick all the boxes and stay absolutely ahead of the regulations. There are innovative solutions out there that make it far easier for you to check the rules, adapt your systems, and stay compliant without breaking the bank, or your admin back. 

Missed out on Sentech Africa Tech Week 2022? Catch up on all the action: