Deimos canvasses increased cybersecurity education to protect African businesses

By Onome Amuge.

Deimos, a leading African cybersecurity company specializing in cloud security, has issued a call for greater cybersecurity awareness and education across multiple sectors. With clients ranging from the public sector to fintech and e-commerce, Deimos is adamant that proactive security measures are necessary to protect businesses from cloud security vulnerabilities.

The company emphasizes the importance of automated security processes to reduce the risk of human error and social engineering attacks. Citing Verizon’s 2023 data breach investigations report, Deimos noted that 74 per cent of breaches involved the human element, highlighting the need for greater focus on security education and training.

As remote and hybrid work becomes the norm, businesses are increasingly reliant on cloud technology, which brings new security challenges. Deimos recommends three critical strategies for engineering teams to improve cloud security:

– “Shifting left” – moving security testing and testing earlier in the software development process, rather than after release.

– “Defending right” – using firewalls and intrusion detection systems to protect products from external threats.

– Utilising automated tools, such as static and dynamic application security testing, to analyze source code or web applications for vulnerabilities.

The rapid growth of Africa’s tech ecosystem has made it a target for cybercriminals, as startups and businesses increasingly rely on cloud technology. Deimos warns that many startups are making the mistake of prioritizing speed and agility over security in their go-to-market strategy, and have a reactive rather than proactive approach to cybersecurity. Additionally, there is a lack of secure access control measures for employees who have access to sensitive information and systems. This puts businesses at risk of data breaches and other security incidents.

Deen Hans, Deimos’ director of security engineering, emphasised that businesses must “fortify themselves against cloud security vulnerabilities. In my experience working with our clients, the focus is very much on operations that lead to growth, competitive edge and so on. A Cybersecurity strategy usually comes in the aftermath of a breach. However, this can be costly, with critical vulnerabilities that damage reputation and erode trust. The consequences of pursuing growth without a strong security posture can be detrimental.

According to Deimos, Distributed Denial of Service (DDoS) attacks are an increasing threat to Africa’s tech ecosystem, as hackers flood servers with traffic to prevent users from accessing services. Deimos attributes these attacks to a lack of focus on good governance practices, education, and awareness of the security risks of cloud technology. In the third quarter of 2022, over 57,000 DDoS attacks were reported globally, according to Kaspersky. These attacks,it said, can have serious consequences for businesses, including reputational damage, financial losses, and loss of customer trust.

The cloud security company observed that many clients are unsure about their compliance status and security posture, and often realise security flaws just before launching their services. This,it said, can lead to delays and lost opportunities.

Deimos also notes that the lack of cybersecurity in Africa is particularly problematic for remote work, where security incidents can have a significant impact. IBM reports that the majority of breaches involve data stored in the cloud, and a single compromised user can have far-reaching consequences. This highlights the need for strong security practices for remote workers.