Cybersecurity South Africa
What is POPIA and What Does it Mean for Cybersecurity
With an inundation of information from all angles regarding The Protection of Personal Information Act (POPIA), and the 1 July commencement date quickly approaching, organisations could be forgiven for feeling more than a little overwhelmed. Emmanuel Tzingakis, Technical Lead for Trend Micro Sub-Saharan Africa, contemplates how POPIA can assist organisations to secure their data and be better enabled to handle any potential cyber threats. What is POPIA? With personal information becoming a hot commodity on the dark web it is critical to understand exactly how to protect data from cybercriminals. A recent global survey revealed that 79% of organisations experienced disruptions, financial loss or other setbacks due to a lack of cyber preparedness in 2020. As work from home strateg...
7 Cybersecurity Precautions South Africans Should Take
Cybercriminals aren’t easy to detect and present a real risk to their victims. The best way to avoid becoming a victim is to be aware of the threats they pose and take every precaution you can to keep yourself safe. According to Giuseppe Virgillito, FNB Head of Digital Banking, the remote living and working requirements of lockdown have meant that most people are communicating digitally – and criminals often use this to their advantage to gain people’s trust in order to steal sensitive information, money or both. “Fraudsters are constantly looking for new ways to get to your information,” explains Virgillito, “and if customers or businesses let down their guard as a result of physical distancing and the need to transact or operate digitally, that unfortunately presents fraudsters with anot...
New POPI Act Regulations – Here’s Everything You Should Know
Sourced from Europa EU. Progress is being made to promote the protection of personal information in South Africa. President Cyril Ramaphosa has announced the commencement of parts of the Protection of Personal Information Act (POPIA). The remaining provisions of the Act will be addressed once the Information Regulator assume its powers, functions and duties in terms of the Act. The sections that will commence today, 1 July 2020 and include the conditions for processing personal information, procedures for dealing with complaints and provisions regulating direct marketing by means of unsolicited electronic communication. Sections 2 – 38, 55 – 109, 111 and 114 (1), (2) and (3) commences on 1 July 2020 and Sections 110 and 114(4) will commence on 30 June 2021. What does this mean? According t...
South African Organisations Lag Behind Global Average of Cybersecurity Resilience
Email and data security company, Mimecast, unveiled its fourth-annual State of Email Security 2020 report. This report summarises details from 1,025 global IT decision-makers on the current state of cybersecurity. The findings in this year’s report demonstrate that despite high levels of confidence in respondents’ cyber resilience strategies, there is a clear need for improvement. While a large majority (77%) of respondents say they have or are actively rolling out a cyber resilience strategy, only 62% of South African organisations are doing the same. Yet an astounding 47% of local organisations – and 60% of global ones – believe it is inevitable or likely they will suffer from an email-borne attack in the coming year. South African respondents cite data loss (35%), a decrease in employee...
Web Skimming – A New Way to Steal Payments from Online Shoppers
Sourced from IOL. Researchers from cybersecurity and antivirus experts, Kaspersky, have uncovered a new technique for stealing users’ payment information on online shopping websites – a type of attack known as web skimming. Web skimming is a popular practice used by attackers to steal users’ credit card details from the payment pages of online stores, whereby attackers inject pieces of code into the source code of the website. This malicious code then collects the data inputted by visitors to the site (i.e. payment account logins or credit card numbers) and sends the harvested data to the address specified by attackers. Often, to conceal the fact that the webpage has been compromised, attackers register domains with names that resemble popular web analytics services, such as Google Analyti...
