Cyber security: It takes a village
There’s an African saying that it takes a village to raise a child and according to a Botswana-based cyber security expert, it’s time we apply that principal to tech, particularly cyber security.
Dr. June Jeremiah is the founder and CISO at MSC Security Solutions. He says the inevitability of cyber-attacks means organisations should be sharing the data from their own breaches, to strengthen the security ecosystem.
“Cyber security is becoming a complex issue in the digital era. As CISOs, we should be constantly asking ourselves, is my organisation next? How much do I stand to lose in the event of a breach?”
“And if I am eventually attacked, I should let other security practitioners know how it happened so that they know what to expect. If you're silent, you're being irresponsible.”
Following various international roles in technical support, fraud investigation and R & D, 32-year-old Jeremiah founded his company in 2009 and is currently in the final stretch of his cyber defense PhD from the Dakota State University in America.
MCS Security Solutions is a leading and trusted cyber security partner in Botswana specialising in various InfoSec solutions and services such as training and certification, penetration testing, computer hacking investigation, PCI DSS (Payment Card Industry Data Security Standard) consultation, ISO/IEC 27001 compliance.
“We have earned our reputation for integrity and best practices through the provision of innovative cyber security solutions that add value to our clients from various industries locally, regionally and internationally.”
Think like a CISO
He says at the start of Botswana’s lockdown in April MCS began receiving enquiries on securing networks and VPNs.
“A lot of companies weren’t prepared for a disaster. They now faced the risk of employees having to use their own devices for work, devices that might already have been compromised. So we helped different companies design business continuity strategies, prepare for cyber scams and trained staff to help them understand the risks that come with a disaster such as the pandemic.”
Jeremiah believes in prioritising people, processes and technology in implementing effective information security programmes. He says that while security strategies may be in place, it’s important to ‘train staff to think like a CISO’.
“Failure to get staff to consider their cyber behaviour isn’t only an IT-related risk; it’s a business risk because cyber security is everyone’s responsibility and it becomes more effective when employees are educated on cyber vulnerabilities.”
On the future of the global cyber security threat landscape, Jeremiah says ever-evolving tech provides hackers with a wide range of devices to attack and more vulnerabilities to exploit.
“Even unsophisticated hackers will take advantage of automated tools to compromise vulnerable organisations. To defend against such cyber-attacks, it is necessary for organisations to implement defense mechanisms such as staff education and regular penetration tests, he recommends one every two months to patch vulnerabilities before attackers exploit them.