What do dick pics and passwords have in common? Neither should be shared.

Your passwords should be treated like your underwear they should not be left in the public and changed regularly.

In recent weeks we have seen a massive increase in the number of sextortion attempts – televised on the likes of Carte Blanche, friends and family members have all been at the wrong end of attempts to fraudulently get you to part with your hard-earned money.

Trusting people looking for the perfect match, bored partners or undercover porn viewers are being increasingly targeted by groups of people that will work on insecurities, naivety and poor cyber security behaviour to coerce unsuspecting victims into parting with their money in order to prevent embarrassment.

I have seen several versions of the attack, some via WhatsApp and other via email.

The WhatsApp variety is very common – boy meets girl by swiping right. The match is made and introductory texts are exchanged. Almost immediately the beautiful girl shares intimate pictures and asks for the same in return. There is an almost aggressive exchange to ensure that you send compromising photos that include your privates and your face – a double header so to speak.

Along with the rise in data leaks and cyber breaches in South Africa, there is also a marked increase in the number and volume of impersonation attacks being attempted. As long as the cybercriminal keeps being successful, this will not slow down.  Are you aware of what an impersonation attack is, and are you actively taking steps to identify and stop these attacks in your own environment?

There are billions of email addresses in use and often people have more than one address. Owing to the low risk and increased simplicity of launching an attack it is reported that 91% of cyber-attacks are started via email. Without visibility and awareness, the odds are definitely in the cyber criminals favour.

Impersonation attacks and phishing attacks are very similar.  One big difference between the two is that the impersonation attack is more precise and will have a specific target. Phishing attacks use the shotgun approach to hit as many targets as possible, also called a spray and pray.

Who wouldn’t want to be able to access and share information freely from a place of endless storage?

Cloud computing has become a household name, with businesses moving either to the cloud or they are there already.  A place where you can store, share and keep important data. How or where the hardware and software is located doesn’t matter to you, as long as you can access, add and store your information, you as the user, are in internet bliss. This way of storing information has become the way forward due to it being available “on-demand”. Cloud providers have options for public or private access, depending on what you are using it for.

Some people like the security of having something tangible i.e. a hard drive or server.  This is no longer the way to go because how many hard drives do you need to make a backup of a backup? And what if they all stop working? It’s too risky.

Others believe that a system that has a couple of servers is an improved solution for the business compared to a cloud-based solution.  Owning a couple of servers that are onsite doesn’t guarantee security. Onsite systems are large and this makes them pricey.  They can be accessed by many people and unless you are connected to that network, you would need to physically be there to access it. Cloud systems are accessible almost all of the time, from anywhere and you can provide different levels of access to staff, as required.

Cyber breaches are on every CEO’s mind. You cannot turn a page or hit a site without hearing of yet another corporate data loss disaster. No organisation is immune.

Nobody wants to be the next CEO at a press conference confirming that their cyber defences were penetrated and that their beloved customer’s personal data is now being actively traded on the cyber underground. Are you prepared to sit down with the regulator to explain that in the face of a clear and present danger, you did not do enough to stay cyber secure?

The truth is that as long as there are people who use systems, the probability of compromise is basically guaranteed. You will be compromised, it then depends on your multi-layered defence strategy to see whether the compromise leads to an all-out breach.

An important layer in your security program is your users. It is vital that all users have a sound awareness of cyber threats they may encounter in their daily activities.