cyber-war-cyber-attack-it-security
4.9 Stars - Based on 87 User Reviews

An interesting article recently published by ITWeb suggested that South Africa could be caught in the cyberwar crossfire between Russia and Ukraine. Although cyber security experts in South Africa do not feel that our country will experience a direct attack, they believe South Africa is at risk of supply chain disruptions. Therefore, local businesses should be on high alert regarding their cyber security updates.

Microsoft Threat Intelligence

Microsoft has a dedicated Threat Intelligence Centre which conducts security research and gathers threat intelligence from a global network of experts. This Centre is already detecting offensive and destructive cyber-attacks against Ukraine, and in response, Ukraine has established an IT Army to hack Russian companies and their allies.

The resulting cyber war will inevitably affect many critical infrastructures, including electricity, water, communications, transport, and banking sectors, which can already be seen, and IT security departments need to be prepared.

Measures South African Companies Can Take to Minimise Impact of a Cyber War

While cyber-attacks are relatively easy and inexpensive to perform, protecting businesses from such attacks are becoming increasingly more costly.

However, there are measures that South African businesses should consider to minimise the risk to their companies. These actions include everything from implementing protective measures responding to incidents to mitigating the liabilities. In some of Westech’s previous articles, we pointed out that regular security updates, multi-factor authentication and restricting administrative access should be the first considerations for prevention.

IT Backups, Response and Recover Plans

Preventative measures also include updating your security backup plan to have an offline backup process. This will ensure that any party with malicious intent cannot locate and delete your backups. In addition, your latest in-depth incident response plan should be communicated to all relevant role-players to minimise risks in the event of a cyber-attack. Furthermore, a recovery plan must be drawn up, describing the business’s process to recover from a cyber-attack and the necessary security controls implemented.

In the event of a cyber-attack occurring, it is vital that, once the immediate steps are taken to minimise any disruption, all company devices are cleared of the virus or malware to restore the systems.

Microsoft 365 Defender

Microsoft’s Defender products provide protection against cyber threats posed by links, email messages, and collaboration tools. MS Defender for Office 365 includes:

  • Threat protection policies.
  • Threat investigation and response capabilities.
  • Automated investigation and response capabilities.
  • Real-time reports.

Microsoft also provides MS Defender for the Cloud, Identity, and Endpoint, depending on your application. MS Defender for Identity allows possible identity-based threats, while Defender for Endpoint uses Artificial Intelligence to gauge system threats.

As users face more frequent attacks across multiple domains, Microsoft 365 Defender is essential to evaluate, identify and restore these domains to a safe state. To learn more about protecting your Office 365 against advanced threats and improving your IT security team’s effectiveness and efficiency, request an IT security discussion with Westech.

Westech is a preferred IT support company that has been providing professional IT services in South Africa since 1994. We have a proven track record of outstanding service levels to our clients, whether located locally or internationally.