By MTHULISI SIBANDA
JOHANNESBURG, (CAJ News) – SOUTH African small and medium enterprises (SMEs) have been urged to guard against data breaches following high profile intrusions recently.
Ashley Madison, the Canadian online dating service, and Sony Pictures, the movie maker, have during the period suffered such setbacks.
Risk Benefit Solutions (RBS), one of the country’s largest independent insurance and risk specialists, nonetheless said cyber-attacks and crime were not always associated with large companies as smaller businesses were also much at risk.
Gillian Wolman, CBS Head of Litigation, said small and medium enterprises should therefore be contemplating the potential impact of a data or privacy breach, as well as an ever increasing extortion exposure.
“The reality of doing business in the modern world is that businesses are almost completely reliant on technology. While legislation requires businesses to protect their customers’ confidential information, many
businesses remain unprepared or unprotected due to the technical nature of the necessary security or the associated costs,” said Wolman.
Her sentiments are in line with KPMG’s Global CEO Outlook 2015suggesting that although cyber security is one of the five top risks that chief executive officers are most concerned about, only 50 percent of the CEOs are fully prepared for a cyber-attack.
The KPMG report explains that cybercrime is an unpredictable risk, and according to Greg Bell, KPMG’s US Cyber Leader, until recently, there has been too much attention focused on prevention and not enough on protection and response.
Wolman noted that in South Africa, the Protection of Personal Information (POPI) Act requires local businesses to realise the importance of not only compliance to the Act, but also have financial cover in place should they fall victim to a cyber-attack.
Wolman said non-compliance to the Act could have disastrous consequences for businesses, including SMESs.
“Harsh penalties of up to R10 million, as well as 10 years imprisonment, are a very real possibility for business owners and directors that fail to prevent network breaches,” she said.
– CAJ News