Internet Solutions Kenya has introduced an enterprise security solution aimed at mitigating, securing and ensuring continuity for businesses
At a briefing for financial institutions, the company said the proactive enterprise cyber solution – an intuitive security suite – will aid businesses in the development of strategies and policies to mitigate cyber risk in the face of increasing exposure. This comes on the back of a November 30, 2017 deadline set by the Central Bank of Kenya for financial institutions to implement new cyber security guidelines.
“The question for most businesses today is not what if a cyber-attack occurs, but when it will occur. While there has been growing appreciation of the significance of Cyber Security planning, this has set organizations into a state of panic, acquiring and spending on different solutions that fail to deliver holistically, a gap that Internet Solutions is looking to fill. Businesses have invested in too many solutions that work well on their own but don’t offer efficient security; exposing them to unforeseen risks,” said Dr Bright G. Mawudor, Head of Cyber Security at Internet Solutions.
In August 2017, the Central Bank of Kenya issued a guidance note on Cyber Security for the banking sector, which outlines the minimum requirements to enhance their Cyber Security. The note singles out the creation of a culture of ownership by the board and senior management, regular independent assessment and testing, and a collaborative approach between audit and risk to understand the cyber threat landscape.
The note further states that institutions should engage external consultants with sufficient cyber security expertise to assist in understanding their threat landscape, by carrying out an independent cyber threat testing at least once a year.
“While Compliance and certification are good to have, they are not a solution to cyber threats. For Kenyan businesses to achieve Cyber Security resilience, they will be required to carry out continuous security assessment and gap analysis to test the validity of their plans” Said Dr. Bright.
Locally, increased global IP traffic, and a growing consumer appetite for all things technology have increased unforeseen vulnerabilities for Kenyan enterprises. This has seen organizations that have not yet suffered a security breach content on the safety of their networks, while those affected have had to manage public trust thereafter, increasing the need to protect businesses from unforeseen vulnerabilities.
“Traffic from wireless and mobile devices poses a big threat especially for the Kenyan market given the integration between mobile banking and mobile money systems – a unique case that could cause the rise of specific threats. This calls for a robust and strategic approach to adequately tackle enterprise security, which is currently not clearly defined across various industries/organisations. It is therefore critical that even as businesses put in place Cyber Security plans, they invest in regular training for all their staff,” added Dr Mawudor.
The Proactive cyber security solution suite will enable businesses to ramp up their cyber security landscape through creating a safer and more secure cyberspace, establishing a coordinated approach to the prevention of cybercrime, ensuring operational compliance, skills development, business resilience and training.
“Having a cyber security plan in place is noble, but its’ life line is in continuous security assessment, gap analysis and training to match the evolution of cyber attacks. To achieve compliance, an organisation requires at least six weeks to put in place a functional cyber security strategy. Given the rush to beat the deadline for financial institutions, and the cost implication therein, it is necessary for businesses to start off by developing sound business continuity plans, which will augment the Cyber Security strategies.