printer friendly version

Operating in a security conscious market

The IT security market continues to be influenced by issues like social engineering, identity theft and compliance with legislation.

Corporate South Africa should associate IT security with more than just efforts to protect the business against external threats.

Traditionally, this segment of the market has been largely defined by policy creation and implementation. The main objective of formulating and integrating this policy has been to organise a united front to fend off threats such as viruses, worms, spam and Trojan horses.

At the same time, policy addresses specific practical, operations-focused procedures regarding the security of systems. It is inextricably linked to corporate governance and serves as a reference guide to monitor the role played by technology and people.

This is especially relevant given the need for businesses to comply with legislation.

Security service providers are called in to protect the parameter of the business and ensure that all employees fully grasp the intricacies of policy and procedure. The main priority has been to safeguard the integrity of data and decision makers are quite prepared to invest strategically in technology to meet this core business requirement.

But IT security is no longer limited to securing systems and implementing anti-virus.

Innovation in applications, an increase in volume and variety of digital devices and the surge in electronic communication and networks has impacted on the growth of the sector.

In many ways IT security now mirrors the ongoing focus on personal security and has evolved to incorporate far more than just hardware, software and unfolding information wars in cyber space.

Cyber criminals have been quick to develop their techniques and improve their modus operandi in order to capitalise off the convergence of digital devices with online technology.

As such, businesses and individuals need to seriously consider the risks associated with realtime communication. These risks find form in threats such as smishing and phishing, both of which rely on social engineering tactics to gain advantage over victims.

Smishing is the term used to describe an attempt by cyber criminals to illegally solicit personal information and/or spread digital threats by using SMS technology and connectivity to mobile devices.

It is disturbing to note the visible rise in digitally-based, socially-executed attacks.

There have been several reports of late of school children being physically assaulted whilst fellow pupils record the attack and review and swap footage on their mobile phones.

Online chat rooms and dating services, especially those accessed via cellphones, are often used by individuals to stalk their victims.

It is this need for vigilance and scrutiny when using communication technology that compels service providers, technology vendors and resellers to better understand the social side of IT security.

The implications of an apathetic approach to this growing problem are worrying given the growth of the mobile and wireless market.

Clint Carrick is the CEO of Carrick Holdings.

Share this article:

Further reading: