Downgrading your IT security is false budgeting warns Intel’s Coetzee

Intel Secuirty

Intel Secuirty
Downgrading your IT security is false budgeting warns Intel’s Coetzee.

It is often instinctive for business managers to look for means of cost-cutting in times of economic downturn or uncertainty, but downgrading your security solutions is a false economy that may cost business much more in the long run, warns Trevor Coetzee, regional director, South Africa and sub-Saharan Africa, Intel Security.

At the risk of stating the obvious, the current state of the South African economy is bleak. A new report from Standard Bank, released last month, found that 94.5% of South Africans have negative net incomes – their outgoings are more than their incomes. Only 5.5% of us are savers. A report by Debt Rescue last year found that consumers have debt equal to as much as 75% of their monthly income. Yes, three-quarters of their income is already owed to someone as it hits their bank accounts.

Add to this the state of employment in SA: Career Junction is reporting job losses across most sectors, and Stats SA tells us unemployment is up. And although we managed to avoid a downgrade to junk status earlier this month, there is no guarantee that the next review will spare us again. And should that dreaded junk status come to pass, it will have knock-on effects on both consumers and corporates. What all this boils down to is stressed businesses and desperate people, creating a minefield for potential IT security risks for the average business.

Here are three ways that a strained economy results in increased IT risks for businesses:

Scammers exploit desperation
Let’s be frank: scammers, malware click-baiters, and their ilk, exploit greed and desperation. Broadly speaking, people who are comfortable and secure in their incomes seldom fall for these types of scams. But when your bank balance hits zero with your debit orders still looming, an offer that lands in your inbox offering passive- or work-from-home income suddenly looks much more appealing, as does a fake tax refund email or dodgy notice of deposit seemingly coming from your bank. A click to “see more” is often all it takes.

Not only are these emails and websites providing an access point to an individual device, they are ultimately an access point to your entire business IT network and infrastructure.

Malicious intent
While the above scenario is extremely unfortunate, the risk it creates is unintentional – on the part of your employee, at least. But as our economic woes pile up, so too do incidences of intentional damage. A critically over-indebted employee is a softer target for collusion and corruption. They may be blackmailed into providing access to your network. Or a disgruntled ex-employee may look to use his intimate knowledge of your system for personal financial gain. They needn’t be a hacker themselves; these skills are available for hire in today’s dark web market.

Neglected and over-stretched security resources
Cutting spending on IT or on IT security resources (read: personnel) in pursuit of a healthier bottom-line can also leave a company vulnerable. There are two aspects to consider here. Firstly, when budgets are slashed, people choose not to renew software licenses or turn to shadow IT to meet their needs. Shadow IT is software used without the knowledge or consent of the company’s It department. These include things like third-party cloud storage where the company is no longer in control, and if managed poorly, these put your data under threat. Secondly, your IT security staff teams are often shrunk, and over-stretched.

Unlike our economy, cybercrime is in a growth phase. For cybercriminals the risks are low and the potential returns great. The cost of cybercrime to the global economy is in excess of $400 billion annually.

Given this, it is clear that downgrading your IT security in tough economic times is a strategic fail waiting to happen. If anything, security should be tightened under these conditions. A single solution that offers centralised visibility across the network is your best defence, and could actually reduce your total cost of ownership.

Trevor Coetzee, regional director of South Africa and sub-Saharan Africa at Intel Security