Read time: 3 minutes

Consumer hyper-awareness - time for a security reality check

By , Portals editor
Africa , 16 Jul 2015

Consumer hyper-awareness - time for a security reality check

While there is a growing sense of urgency within the IT security ecosystem over the need to unite against threats, the escalation of these threats and advent of consumer hyper-awareness continues to make a major impact.

In a discussion about the rise of consumer awareness, hosted by multinational application delivery networking technology specialist F5 Networks in Johannesburg, it was agreed that the reality facing customers and companies is that security is now part of everything.

"No customer looks at deploying any application without understanding 'how am I firstly going to secure this application, the data', and 'how am I going to ensure that the requests coming in is a request that is valid and not a meshed attack from a hacker of some sort'," said Alex Russell, sales director from EOH, an F5 Networks partner.

Russell added that from a customer point of view, any solutions being deployed has security built in, it is not an afterthought. "And the request and requirement from customers is 'so what else should we be looking at?' 'what other initiatives should we be looking at?' in terms of , if we're collecting a lot more of this data and consumers are becoming a little more apprehensive, about what are we using this data for, where is this data being collected and who has access to this... undeniably, security is top of mind."

The mobile space warrants closer consideration. Customers and Original Equipment Manufacturers are looking to drive mobile applications and micro mobile applications...."users are more inclined to give information in this space. You are not going online, so what has really changed? Because you are just changing the device and changing the interface, still, but the request is still the same," Russell continues.

Another reality of the IT security ecosystem is that companies in Africa are on par with global counterparts when it comes to the level of awareness around security issues, according to F5 Networks and its partners.

Gary Newe, director for field systems engineering for the UK, Ireland and sub-Sahara Africa at F5 Networks, said, "There is a general consensus in the security industry, and it is gaining momentum, that the type of solutions that we used to use to secure our networks and our applications are not up to the job anymore. If you look at any of the major hacks that have happened, big companies, they had big security budgets, they had best-of-breed, big budgets... they had everything. A lot of the companies are as aware, and I think a lot of security professionals are starting to wise up to the fact that actually what we're doing now is not enough and is not working."

Carlos Marques, director, sales for sub-Saharan Africa at F5 Networks added, "It depends on where in Africa and what kind of environment you are talking to, in which segment of the market, so some are more aware than others. I think an interesting trend and because of the mobile explosion, is having a way to set up environments where you are not dependent on the end user of the device to do anything to ensure that things are secure... if you have solutions in place to ensure that that happens and you take away the onus of the actual end user having to do things and put things on their phone or their PC to ensure it is secure, then you can really start ensuring that there is proper security."

Other issues, including ecommerce, loyalty programmes, identity theft going viral and the need for security to adapt to individual circumstances, are entering mainstream discussion over digital and information security.

The message is from an IT vendor point of view, collaboration is critical to share information and protect the application and ensure that information is going out.

Scott Carver, information security consultant at Aptronics, said, "Security is a mile wide and inch deep and you cannot manage what you can't measure. So when you start talking about security posture and you start talking about your organisation, you know, going and buying tools is of no value if you don't know what you are doing, if you don't know what you are measuring and you start implementing, but you don't know what gain there is...security is evolving... its about having honest conversations with business stakeholders, what is the cost of a data breach to your business?"

Daily newsletter