FANews
FANews
RELATED CATEGORIES

Deepfake dilemmas: navigating this jungle

26 September 2024 Myra Knoesen

Cyber incidents are an ever-growing threat, with advanced tactics like deepfake technology leading the charge.

In light of recent deepfake scams, companies need to understand the critical role of advanced software solutions in mitigating risks.

FAnews spoke to Andrew Jensen, Software Architect at Genasys Technologies and Wimpie Van Der Merwe, CEO and Founder of Global Choices, Digital Path & Claim Central Africa about the critical importance of robust cybersecurity measures for corporations and financial institutions, and ways organisations can adapt their cybersecurity measures to address the changing nature of cyber threats.

The rise of deepfake technology has brought a new dimension to cybersecurity threats, according to Jensen.

“These scams, which convincingly manipulate audio and visual content, pose a serious risk, particularly for corporations and financial institutions that depend heavily on the authenticity of their communications. This situation underscores the critical need for robust cybersecurity measures. By incorporating advanced software solutions like AI-driven identity verification and real-time anomaly detection, businesses can better safeguard their operations against these sophisticated attacks, ensuring that only legitimate interactions are processed,” he said.

Effectively counter this threat

According to Van Der Merwe, to effectively counter this threat, a multi-faceted approach involving technological innovation, public awareness, law enforcement efforts, and international cooperation is necessary. 

“Public awareness and education on deepfake technology are essential to enable individuals to recognise and scrutinise potentially fabricated content. Media literacy programs can help the public develop critical thinking skills to discern between genuine and manipulated videos. Additionally, law enforcement agencies should be equipped with the necessary tools, skills, and resources to investigate and prosecute perpetrators of deepfake-related crimes,” he said. 

“Furthermore, international cooperation is vital in addressing the cross-border nature of deepfake threats. Collaborative efforts between countries can help establish global norms and regulations to combat the misuse of deepfake technology. Governments and organisations must also invest in research and development to stay ahead of advancements in deepfake technology and enhance detection capabilities,” he emphasised. 

Robust cybersecurity measures

“Protecting businesses from the rising threat of ransomware attacks is a top priority in the realm of cybersecurity. To proactively shield themselves from these malicious attacks, organisations must enhance their security measures, raise employee awareness, and establish robust incident response protocols,” said Van Der Merwe. 

“Implementing secure data backup and recovery systems in the face of escalating ransomware incidents and setting up secure data backup and recovery systems is crucial for both recovering from ransomware attacks and maintaining business operations. These systems act as a safety net against data loss, allowing organisations to quickly resume their activities post-cyberattack. Organisations have various options to consider when it comes to data backup. One popular method is cloud-based backup, where data is securely stored off-site on remote servers. Cloud backup offers benefits like automatic backups, scalability, and easy access from any location with an internet connection. Additionally, it eliminates the risk of failure associated with physical storage media,” he added. 

Jensen added that traditional defensive measures often fall short when facing modern challenges like ransomware attacks and data breaches. “To adapt, companies should embrace a layered security approach that includes technologies such as multi-factor authentication, end-to-end encryption, and regular security audits. Additionally, proactive threat hunting and state-of-the-art endpoint protection can significantly enhance an organisation's ability to detect and neutralise threats early.” 

“Artificial Intelligence (AI) and machine learning also offer powerful tools to automate and enhance the detection, analysis, and response to threats. AI systems are capable of analysing vast amounts of data to identify patterns that may indicate potential security breaches, enabling faster and more effective responses. This technology is particularly valuable in maintaining real-time defences against rapidly evolving cyber threats,” said Jensen. 

Educating the workforce, according to Van Der Merwe, plays a pivotal role in preventing ransomware attacks too. “By delivering comprehensive training on cybersecurity best practices, organisations can empower employees to recognise and report suspicious activities, such as phishing attempts and dubious email attachments. Organisations should also embrace a multi-layered security strategy that includes firewalls, antivirus software, intrusion detection systems, and encryption tools. By deploying multiple lines of defence, businesses can significantly diminish the risk of ransomware infiltration and lower the potential impact of an attack.” 

“A prompt and efficient incident response plan is crucial for minimising the consequences of a ransomware attack. Organisations should devise clear escalation procedures, assign and define responsibilities, and routinely conduct incident response exercises and simulations. By practicing incident response protocols, organisations can ensure swift detection, containment, and recovery from ransomware attacks,” continued Van Der Merwe. 

“Developing a robust cybersecurity stance is the basis of effective ransomware recovery and business continuity planning. By enhancing cybersecurity measures, organisations can substantially decrease the chances of falling victim to ransomware attacks. Investing in employee training, implementing multi-layered security solutions, and strengthening incident response capabilities are vital steps in establishing a resilient defence against cyber threats,” he said. 

A solid cybersecurity strategy

“Small and mid-sized enterprises (SMEs) often face significant cybersecurity challenges, typically operating with limited resources. However, they can still implement effective cybersecurity measures. Key strategies include conducting regular employee training, deploying robust anti-virus and anti-malware solutions, securing networks with firewalls, and keeping all software up to date to protect against vulnerabilities. Additionally, many SMEs might find value in outsourcing their cybersecurity needs through managed security services, which can provide expertise and resources that are otherwise unavailable internally,” said Jensen. 

To shield operations, customers, and data from the increasing cybersecurity threats, businesses must establish a solid cybersecurity strategy. These, according to Van Der Merwe include: 

  1. Training employees on security principles;
  2. Protecting information, computers, and networks from cyber-attacks;
  3. Securing internet connections with a firewall;
  4. Implementing firewall security to prevent unauthorised access to your network;
  5. Developing a mobile device strategy;
  6. Backing up critical business data;
  7. Controlling physical access and creating user accounts;
  8. Securing Wi-Fi networks;
  9. Implementing secure payment card practices;
  10. Limiting employee data access and software installation; and
  11. Implementing password policies and authentication measures.

“Staying ahead of cybersecurity threats requires a proactive and multifaceted approach. Strategies include continuous education and awareness, regular updates, and patching, implementing strong security measures, conducting risk assessments and vulnerability scans, monitoring and incident response planning, employee training, collaboration, and information sharing, adopting advanced technologies, secure development practices, regulatory compliance, and regular assessments and reviews. By combining these strategies, organisations can better protect themselves against cyber threats,” concluded Van Der Merwe. 

Jensen concluded by saying that, “keeping up with new and evolving cyber threats is a continuous challenge. Organisations can manage this by investing in threat intelligence platforms and engaging in cybersecurity communities for shared insights and strategies. Regularly updating cybersecurity policies to reflect the latest threat intelligence ensures that defences remain robust and capable of countering new threats as they arise.”

Writer’s thoughts

As the years progress, we face increasingly advanced cyber threats, making it crucial for organisations to prioritise robust cybersecurity measures. By investing in advanced solutions, fostering employee awareness, and embracing a multi-layered security strategy, businesses can effectively safeguard against these sophisticated attacks and ensure their resilience in an ever-evolving digital landscape. Do you agree? Please comment below, interact with us on Twitter at @fanews_online or email me - myra@fanews.co.za

Comment on this post

Name*
Email Address*
Comment
Security Check *
   
Quick Polls

QUESTION

How effective do you think technology is in improving compliance processes for FSPs?

ANSWER

Very effective – it streamlines and automates processes
Somewhat effective – helps but can't solve all issues
Not effective – technology can't replace proper oversight
fanews magazine
FAnews October 2024 Get the latest issue of FAnews

This month's headlines

The township economy: an overlooked insurance market
FSCA regulates crypto assets: a new era for investors
Building trust: one epic client experience at a time
Two-Pot System rollout underlines the value of financial advice
The future looks bright for construction
Subscribe now