What we can learn from SA’s biggest port being hacked

August 6th, 2021

Transnet was forced to declare force majeure in late July after experiencing a cyber-attack. As South Africa’s largest port operator, the state-owned freight enterprise was forced to bring operations to a grinding halt at container terminals in Durban, Ngqura, Port Elizabeth and Cape Town and send many of its employees home while it grappled with the security invasion.

Beware of this legit-looking COVID-19 scam

July 26th, 2021

Liza Weschta, Cybersecurity Product Manager at Numata Business IT, received a legitimate-looking COVID-19 phishing scam/ business email compromise (BEC) attack.

The email looks as though it comes from the Gauteng Health Department regarding COVID-19 vaccination, complete with the legitimate logos and email signatures one would expect to see in an official provincial government email.

What is consent phishing (and how can you avoid it)?

July 26th, 2021

Scammers are always looking for new ways to breach security measures as they are improved. While more platforms are adding support for Multi-factor Authentication (MFA), scammers have now found a way around it, called consent phishing.

Attackers usually start by registering an app with an OAuth 2.0 provider, such as Microsoft’s Azure Active Directory. The attacker will make sure the app looks trustworthy. They might use the name of a well-known product, or an association with a particular respected brand.

Why effective staff training is key to POPIA compliance

July 20th, 2021

The South African Protection of Personal Information Act is now in full effect, as of July 1, 2020. Companies and organisations in South Africa have been given a 12-month grace period, after which compliance will be enforced with the full effect of the law.

Why business leaders need to care about cybersecurity

July 20th, 2021

In our previous series on cybersecurity, we pointed out that one of the best ways for small- and medium-sized businesses to combat cyber threats is to invest in cybersecurity awareness training. This strategy can go a long way in helping employees stay safe and keep a company’s systems from harm, but in order to get buy-in from staff, there needs to be a concerted effort from leaders to actively support this training.

How to manage hybrid working

July 13th, 2021

Companies of every shape and size are re-evaluating the way their employees work. Forbes recently reported on several major UK companies anticipating a move to the hybrid model, where employees divide their time between the office and home. Nedbank, one of South Africa’s biggest banks, also announced its intentions to only have 60% of its staff on its campuses on any given day. In fact, Gartner estimates that by 2022, 25% of the global knowledge workforce will choose their home as the primary workplace, and 45% of the workforce will be working from home two to three days per week.

5 Steps to avoid ransomware threats

July 7th, 2021

According to Gartner research, 27% of malware incidents reported in 2020 can be attributed to ransomware and cyber intelligence firm Group-IB estimates that the number of ransomware attacks grew by more than 150% in 2020. Companies need to prepare for ransomware attacks before they happen – or risk being unable to recover in the face of an event.