Calls for standardized cybersecurity breach reporting 0 653

cybersecurity breach reporting

Internet security company ESET East Africa has added its voice to the call for legislation to compel organizations to share or release information to a supervisory authority, affected individuals or organizations in case of cybersecurity breaches.

According to Teddy Njoroge, ESET Country Manager in charge of Kenya, Uganda, Tanzania and Rwanda, this would help responsible branches of government, businesses as well as Cybersecurity services vendors to keep ahead of cyber-criminals.

“Due to the siloed and secretive manner in which breaches are reported in Kenya, another attack similar to ‘WannaCryptor’ ransomware could be devastating if directed to critical institutions such as health, government, and especially the financial services sector”, He said.

On Tuesday, May 17, Joe Mucheru, Cabinet Secretary in the Ministry of Information and Communication Technology (MoICT) challenged the financial services sector in Kenya to improve information sharing and reporting on Cyber-security breaches.

“Breach notification eliminates the clandestine attempts by hackers to attack systems and enables synergized efforts towards the prevention of the criminal activity as well as their prosecution”, he said.

Speaking at the Cyber-Security & Banking Forum organized by Citibank and the ICT Authority, the CS said standardized reporting would also help in quantifying the exposure and resilience of organizations both in public and private sector to cyber security incidents.

”A shared reporting system would be a welcome move in developing a unified preventive and counteractive measure to hamper the growth of malware such as ‘WannaCryptor’ and other forms of cybercrime in the country.”

The encrypting – type malware is also known as ‘WannaCry‘  or ‘Wcrypt’ that hit the world on Friday, May 14, 2017, spread rapidly around the globe by exploiting a vulnerability in computers running unpatched versions of Microsoft’s Windows Operating System.

Njoroge added that a standardized and shared reporting system would be a welcome move in developing a unified preventive or counteractive measure to hamper the growth of malware and other forms of cybercrime in the country.

“In the aftermath of ‘Wannacryptor’ ransomware attack we can see from statistics a trend that indicates potential under-reporting of both successful and unsuccessful attacks especially noting that over eighty percent of personal computers and servers in Kenya run on the Windows Operating System”, he explained.

ESET recorded eight ‘Wannacryptor attack attempts in Kenya during the period May 14th to 16th 2017. In Africa, worst hit was Egypt which recorded 1,592 attempts followed by South Africa at 386 and Nigeria at 42 attempts out of the 15 countries that registered attack attempts.

Around the globe, ESET recorded the highest number of attacks in Russia with 30,189 cases, followed by Ukraine – 7,955, Taiwan – 7736 and The Philippines at 1,973 cases and which was followed by Egypt.

“In this period 14,383 ESET clients reported 66,566 attack attempts which were all detected and stopped. 60,187 attacks were detected through file or memory detection while another 6,379 attack attempts were stopped through ESET’s Attack Network Protection module”, said Njoroge.

Previous ArticleNext Article

Ransomware Protection Crucial to Enterprise 0 281

Ransomware

Ransomware is by far the biggest threat among Enterprises.  So what is Ransomware? It is a malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data.

According to research done by ESET,  Companies named ransomware their number one concern.

In response to customer needs and concerns, ESET integrated Ransomware Shield into its security solutions. ESET has long been providing its customers with very good behavior-based malware detection and also with Host-based Intrusion Prevention System (HIPS) that allows users to set custom rules for the protection against ransomware. However, should something slip past the 11 other security layers, Ransomware Shield will be automatically activated.

While ransomware infection often starts with clicking a suspicious link or a fictitious invoice, ESET found that email remains the most common distribution method.

To combat these scenarios, enter ESET Dynamic Threat Defense (EDTD). EDTD provides another layer of security for ESET products like Mail Security and Endpoint products. It utilizes a cloud-based sandboxing technology and multiple machine learning models to detect new, never before seen type of threats. In result, attachments that were classified as malicious are stripped off the email and the recipient gets information about the detection.

To learn more about how ESET can protect your business, and to book a FREE in house Cybersecurity Training Session for your employees, please sign up below.

Free Training

Interview: Addressing the Six Biggest Cybersecurity Challenges for Enterprise 0 199

cybersecurity challenges enterprise
Ken Kimani, Channel Manager of ESET East Africa, introduces the 6 biggest cybersecurity challenges for enterprises

Enterprises are under constant attack from cybersecurity threats resulting in the loss of millions in revenue annually. Factors such as ransomware, targeted attacks, insufficient network visibility, various operating systems in an organization, bad security behaviour among office staff, lack of skilled cybersecurity workforce and the level of tolerance among staff are the major causes of cyber-attacks in the country.

To mitigate these issues, ESET East Africa offers free training, suitable for all skill levels to help educate enterprises on the importance of cybersecurity.

Subscribe to our newsletter to find out more about this training, our enterprise offering and to follow our series on the 6 Biggest Cybersecurity Challenges for Enterprises.