[Column] Carlo Bolzonello: Demystifying Cyberattacks on Critical Infrastructure
The notion of cyber-attacks seems distant from our daily lives, as we go about our work, social and family lives. Cyber-attacks feel like they happen to big businesses who can quickly bounce back from them after the issue is identified and fixed– just as quickly as we would bounce back from being sick, once the illness was diagnosed and treated.
Cyber-attacks have the potential to disrupt our lives completely, and in instances where critical national infrastructure is attacked, they could disrupt the country’s entire economy, leading to loss of life and livelihoods.
In the last few years, we’ve already seen successfully targeted advanced cyber-attacks on some of our nation’s most critical economic functions, with devastating consequences.
It’s not difficult to imagine what would happen if an attack was to be directed at one of South Africa’s state-owned enterprises or other essential parts of the country’s infrastructure: the country would be crippled and the economy severely damaged.
With nearly every element of South African society – from our banks and businesses to state owned entities and government departments among others – all making use of the speed, efficiency, and convenience of digital solutions, the country’s digital infrastructure needs a holistic, integrated security ecosystem and a cloud-first approach that makes it possible for all security products to work together.
This would be possible via an extended detection and response (XDR) approach to security, that uses machine learning and automation to complement human skills protects private and public sector environments, helping them adapt and stay agile, and able to respond to active threats through dynamic prevention policies.
By harnessing the power of machine learning and automation to unlock insights and streamline workflows, organizations can stay one step ahead of adversaries, adapt to new threats, and accelerate detection and correction through the entire defence lifecycle.
This ‘living security’ approach makes public sector and private organisations more resilient through the interconnection of a wide variety of threat sensors and capabilities, so they know their operations are protected. It is native and open, and leverages an optimal blend of expert advice, assistance, and automation so security teams are more effective and efficient when incidents happen.
While South Africa does have the Critical Infrastructure Protection Act and Cybercrimes Act in place, the former legislates the protection of infrastructure, while the latter deals specifically with cybercrime, making it easier for investigating agencies to gather evidence of cybercrime, and to seek support from their counterparts in other countries.
The true effectiveness of this legislation is yet to be determined however – but the time to address cybercrime is before it happens, crippling the country’s infrastructure and resources, and before it’s too late to prevent catastrophic physical and reputational damage to the structures that keep our nation alive.