Category: Vox 4 Thought

By Richard Frost, Product Head: Cybersecurity at Armata

With South Africa being a favoured target for cyber attackers globally, and with the threats growing in both volume and sophistication, local organisations must do more to mitigate against these attacks. In addition to increased automation in threat detection and response, and active threat hunting, carrying out cyber attacks on oneself in order to improve both internal skills and overall security posture is gaining in popularity.

Traditionally, organisations had focused on security information and events management (SIEM), which uses a variety of products and tools that combine both security information management and security event management. SIEM pulls together log files generated from firewalls and other services across a network, giving IT personnel the necessary information needed to respond and recover from a cyber threat, or to identify something that could potentially be a threat.

While this has served well in the past, much more is needed to tackle growing challenges such as ransomware that can stay dormant on your digital infrastructure for months before becoming active and encrypting an organisation’s data. Until then, the ransomware can behave like any other legitimate application and avoids detection; it is only when it tries to encrypt or manipulate data or engages in privilege escalation that it is seen as a threat by endpoint detection and response (EDR) tools. By that time, it might already be too late to fully mitigate the threat.

The first step to mitigating against such threats is to also make use of security orchestration, automation and response. This allows for increased automation when it comes to threat hunting, as organisations can look for patterns in data that is pulled from multiple repositories in order to identify and neutralise potential threats – and in a significantly shorter duration than had it been a manual process.

In essence, SIEM picks up that there is an issue, while the SOAR quickly takes action in resolving the issue, or even engages in active threat hunting.

Apart from EDR, which focuses only on the end-user devices, organisations are increasingly looking at network detection and response (NDR). While basic NDR functions can be carried out using firewalls, the process can be enhanced by using specialised tools such as Darktrace and ExtraHop. These tools closely monitor the network layer, as well as communication between devices and the network in order to identify threats at that level.

This includes identifying trends in the data usage of applications, which can help uncover hidden threats that might be lying dormant on a network. For example, if a file server has an average traffic of 1GB per day, discovering a huge increase in the data traffic can be a telltale sign of ransomware or malware being active on your system and sending data back to the threat actor before causing malicious damage to your data or network.

Being proactive about cybersecurity can be as simple as monitoring reports from email security tools that are designed to block emailed malware as well as phishing or even spear phishing attacks. While the tool might be doing its job successfully in protecting the network and users from attacks through this medium, taking a closer look at reports will help the security teams understand whether these events are sustained, suggesting that someone is actively targeting the organisation in order to gain unauthorised access.

Cybersecurity testing exercises

As part of efforts to sharpen their active threat hunting capabilities, organisations are carrying out cybersecurity testing exercises, using two or more internal teams, in order to uncover loopholes in their network or security systems and to improve the level of skill of their cybersecurity personnel.

Traditionally, these exercises involve red team and blue team engagements, where the red team are penetration testers or white hat hackers who look to exploit vulnerabilities within an organisation’s defences, including its network and endpoint devices, while a blue team comprises the people who are responsible for protecting its data and network, as well as active threat hunters.

Today, however, these engagements now include a purple team, which sits on the fence, so to speak, and oversees these engagements. In addition, they will advise both sides on how to attack or defend better, and make sure that the best strategies are being used during these engagements in order to build skills and develop best practices.

These exercises also help test the readiness of both an organisation’s computer emergency response team (CERT), which includes IT professionals who handle all the incident response and mediation, as well as computer security incident response team (CSIRT), which is a cross-functional team within the business that brings together members from IT, senior leadership, legal, marketing and communications and others in order to formulate a comprehensive and holistic response to a cyber security incident.

Companies are also increasingly gamifying these security exercises in order to improve participation and engagement and provide a platform for continuous learning that ensures the organisation is better equipped to combat cyber threats. Depending on the size and nature of the business, these engagements can be carried out quarterly or even on a monthly basis.

In all, while active threat hunting has been around for a while, the practice has matured over the last few years to the point where it has come to the fore as a crucial cybersecurity defence mechanism for any organisation.

In a landscape of growing cyber threats, organisations need to be more proactive and need to address issues that are not normally classified as threats but are still suspicious in nature, with new metrics being continually added to the profiling to ensure that they stay ahead of the curve in adequately protecting themselves.

What does it mean to compute at the edge and why should FMCG companies even care?

Compute at the edge. This concept puts the data, the applications, the networks and the devices right up close to the consumer, on the edge. It is the epitome of faster, better, more. The ability to move at speed, make decisions on a dime and pivot within the confines of uncertainty. But why should the FMCG sector care? Isn’t this the compute reserved for the high-tech giant, the tech-driven startup? Not when the potential economic value of IoT is around $5.5 trillion and could help the sector develop creative solutions to complex problems, something 96% of retailers are keen to do post-pandemic.

“The FMCG sector has heard it all, it knows about IoT, about how sensors can shift operational efficiencies and how it can help them cut costs and stay ahead of the competition,” says Activate Founder, Rodney Taylor, at Vivica’s Guardian Eye. “The thing is, there is a perception that IoT hasn’t evolved at the pace of hype, so many FMCG companies are uncertain of its value or how to realistically unpack it.”

McKinsey echoes this sentiment. In 2015 the firm published a report that looked at how IoT could deliver value beyond the existing hype, now six years later, the analysis has been updated and the firm found that even though the market has grown, it hasn’t done so at the pace expected. However, it hasn’t stagnated, nor has it disappeared off the digital radar. While the limitations to its growth have been impacted by access to skills and security concerns, among other considerations, the technology has matured and is now sitting on stronger foundations that can deliver the edge IoT that’s needed by FMCG.

“First, by putting FMCG on the edge using IoT, firms can measurably cut costs,” says Taylor. “Think of it like this – if a company has to ascertain the temperature of its fridges using manual resources, there’s a very good chance that the results will be inaccurate and lack consistency. It will also take a lot of time that would be better spent in other areas of the business. Now, by introducing an IoT temperature sensor, for example, all the fridges in one environment will be measured accurately, for the same length of time, and on demand. The data is right there, with no delays and unnecessary costs to the company. It not only saves time but it’s also convenient.”

In this example, IoT sits right at the edge of the customer’s requirements and ticks multiple very useful boxes. It can also be an added safety element as the system can be configured to send an alert whenever a certain temperature is reached, so the business knows of a problem within minutes. And these devices aren’t going to take the weekend off, they keep on going so the temperatures remain stable and product wastage or loss is significantly reduced.

“When you consider how much it costs to install, maintain and manage fridges in the average FMCG set-up, it’s easy to see how the edge compute can benefit the business,” says Taylor.. “If a pump fails, a sensor will catch it. If the power and the backup fail, a sensor will catch it. If someone forgets to close the walk-in fridge on a busy night at the restaurant, the sensor will catch it. A safety net built by technology but designed to translate into useful insights and alerts that are relevant to companies working in FMCG.”

Alongside the cost savings and the smoother management of systems, and this doesn’t have to sit in the realm of fridges, IoT and its agility at the edge can also transform how the sector manages its networks, payments and customer interactions. Using an IoT-specific network, companies can add specific functionality on demand and use the speed at which IoT communicates to refine multiple aspects of their operations and environments. The sensor temperature functionality can be used to generate insights and reports that can be used to further refine operations on a granular level – when does the temperature fluctuate the most, what are the contributing factors, and how can this be resolved? Reporting of this nature can extend into all environments, battery usage, power management and more – every sensor touchpoint an opportunity to refine operations and cut costs.

“This is why you should put your fridge on the edge,” concludes Taylor. “Not the edge of a cliff, or the edge of reason, but at the edge of what IoT can realistically offer you in the real world, providing you with immediate cost savings and efficiencies that directly benefit your bottom line.”

 

An unmanaged firewall is like a self-burning stove, it does the job but it can set the house on fire if not tended carefully

The firewall. Perhaps one of the oldest and most well-known of security technologies available on the market today, the firewall has long been used as a perimeter defence for organisations. In the past, these services were as simple as put up, leave up and manage when needed. However, like everything else in the technology realm, the firewall can’t sit on its laurels, it has to evolve and adapt. This necessity is underscored in recent research that highlighted how the increasing complexity of networks, driven by cloud and compute and digital transformation, demands that the firewall become more capable of protection and security sophistication.  For Quintin van Zyl, Head of Managed Services at Qwerti, the firewall that’s left untended is the one that presents a serious risk to the business.

“Many companies are unlikely to have specialised IT staff or security personnel with in-depth knowledge of firewall management and maintenance and many aren’t sure how this technology impacts their business or its security,” he adds. “This means that effectively their firewalls are the risk. Unmanaged, this technology introduces vulnerabilities.”

The firewall is traditionally the first line of defence around the business. It monitors traffic in and out of your network and allows access based on a series of security rules that are defined by the business. If these rules aren’t robust or aligned with changing business use cases or network demands, then they are about as effective as a saloon door in a typhoon. Anything can come in as long as it tries hard enough, and the cybercriminals will keep trying, of that, there is little doubt. The firewall is the border between the external world and the internal network and maintaining its rules, detection capability, and functionality is a challenging and complicated task.

“The firewall can be either a hardware or software-based device that controls access to the network and the organisation’s data, it is a type of access control that is the equivalent of keys to the front digital door,” says van Zyl. “If this is unmanaged, it is essentially the same as giving out keys to anyone who happens to walk by. Pop into Woolworths and hand out your house keys to everyone in the store and the analogy is clear – you need to close the door and shut the gate, so your business is secure.”

The only way to do that effectively today is to invest in a managed firewall. This is the most reliable way of ensuring that your network devices, your firewall, your access points and your security perimeter is configured and maintained properly. In addition to improperly defined rules, an unmanaged firewall may not be patched or up to date, which introduces a whole new level of vulnerability to the network and also puts the company’s compliance at risk. Without a robust firewall and visibility into its efficacy, the organisation could be in breach of regulations outlined by POPIA and GDPR.

The problem is that there are still so many companies operating with unmanaged firewalls that leave them wide open to data loss, ransomware and more,” says van Zyl. “There are statistics that highlight how organisations still have users connecting to phishing sites, the sign of a poorly defined firewall. Ransomware tearing through data and backups, the sign of a limited firewall. The examples can go on, but the real cost to company is in the loss of reputation, money and business.”

Welcome to the managed firewall. This is the neat and tidy sibling of the unmanaged solution, bringing with it the expertise, maintenance, skillsets and security that are often out of the price league for many companies. Instead of internal IT staff or security teams, a managed services provider takes on the firewall and ensures that every touchpoint and endpoint is thoroughly protected in line with the latest regulations, compliance mandates and best practice.

“Like all managed services, it comes down to a simple choice between whether or not you have the skills and time on-premises, or if you need someone to do the heavy lifting for you,” concludes van Zyl. “When it comes to security, the most important factor is ensuring that the firewall is capable and alert 24/7/365 and that it is patched, up to date, relevant and resilient. This can be done in-house or managed externally, but either way, it has to be done. Security isn’t a compromise, it’s a necessity.”

 

By Heath Huxtable, Executive Head at Braintree by Vox

The demise of brick-and-mortar stores has long been talked about, and the idea seemed to gain momentum during the multiple lockdowns that pushed more South Africans toward online shopping. While the end of physical stores hasn’t yet arrived, changes in customer behaviour mean that retailers now must have an online sales presence. And, they need to work with a partner with extensive industry experience if they are to get this done right.

Beyond the drive to eCommerce, other factors that are driving these changes in business include mergers and acquisitions, restructuring, change of strategy due to new shareholders, etc, and there is a drive to simplify IT in order to gain efficiency, reduce costs as well as to develop eCommerce capabilities.

In response to the changes, numerous digital platforms have emerged, all with the aim of helping businesses develop eCommerce functionality. Up front, the most crucial aspect to be considered is whether these are able to integrate what happens in physical stores with what happens in the online store.

The majority of digital storefront products on offer keep these two functions separate, which results in a lack of coordination between the physical and online across several areas. This includes pricing and availability, product descriptors, specials and loyalty programmes to name but a few. This disparity can result in situations such as long wait times for delivery or even cases where someone might order online to pick up in-store, only to find that the product is not in stock.

Tight, seamless integration ensures that products listed are available and can be delivered or collected in time, helping improve the customer experience. As such, there is a growing demand from retail businesses for an end-to-end solution that helps their digitisation. They are looking for a solution that brings together their finances, procurement, warehouse management, pricing, stock management, point of sale and more.

In addition, given that the sector traditionally works on low margins and high volumes, there is a demand for solutions that have low deployment costs, low infrastructure costs, and low cost per transaction. These businesses often turn to best-of-breed solutions – such as combining Microsoft Dynamics 365 Business Central with LS Retail – that lower the total cost of ownership, but still provide these organisations with the enterprise level of functionality that they require.

This is especially the case with many modern retailers diversifying their offerings beyond traditional fast-moving consumer goods (FMCG) and fashion, and now including in-store butcheries and pharmacies, which come with unique challenges.

For example, the prices of produce from butcheries are not standardised but can vary depending on a variety of factors, the primary ones of which are quality and weight. Pharmacies, for their part, come with a host of regulations that need to be adhered to; this can revolve around patient management, prescription management, traceability and much more.

The challenges are further compounded for retailers that are looking to expand into the African continent. The costs of expansion, coupled with low margins mean that the business case simply cannot be made for a Tier 1 enterprise-grade solution to be deployed. Here, organisations such as Braintree, a Microsoft Dynamics Gold Partner powered by Vivica Holdings, can bring significant geographical and industry sector expertise to the table, having implemented seamless digital solutions for a variety of retail organisations in South Africa and beyond.

Not only has Braintree been able to deploy its retail solutions in several countries across the continent, but it has also done so without setting foot in any of these geographies, helping bring down deployment costs. The company also sits on the partner advisory council of LS Retail, meaning that it gets to provide input into the direction that the software takes, and ensure that it remains a solution of choice for African companies looking to grow in the butchery, FMCG, pharmacy, and retail business.

So what about physical stores? As we have seen, they are not going anywhere and still form a part of doing business. What is changing is how people are now using them, and physical stores are increasingly becoming an experiential event that serves to showcase what is possible. Stores will serve merely to ignite people’s interest – window shopping at its finest – before directing them online where the full catalogue of products will be available.

There are of course some areas where this won’t be the case: for example, shoppers prefer to physically try out makeup and other beauty products before purchasing, whereas there will be other items, such as clothing or shoes, which they are entirely comfortable with purchasing online. In the end, they still need to ensure accurate coordination between their physical shops and online storefronts, and bringing on board the skills of the right partner will be key.

 

CIOs and IT teams have had to develop fresh strategies to manage remote working more effectively and with reduced risk and complexity

Remote working has rapidly shifted from a necessity to a daily reality with many organisations opting into either full remote or hybrid working frameworks. According to Ladders, 25% of professional roles in the US are likely to be remote by the end of 2022 and this is likely to gain traction as the world moves into 2023. People want more flexibility and less complexity, as echoed by growing rates of burnout, and companies want to create working ecosystems that allow for improved productivity within the remit of worker wellbeing.  And yet, all this flexibility requires an agile remote functionality and technology capability that’s putting desktop support under pressure to deliver, says Dominique Yeates, Senior Product Manager Managed Service at Qwerti.

“The shift to remote working has implications for end-users because CIOs have to develop strategies that allow for the business to seamlessly move the workplace to a more agile and digital foundation,” she adds. “This includes privacy and security agreements, outsourcing agreements, and all the different arrangements for end-user computing services. During the pandemic, companies gave free tools like Zoom and Teams to their employees, and now they’re having to find money to pay for all these collaboration tools so they can maintain their remote and hybrid working environments.”

Today, as the pandemic shifts down several gears and organisations re-evaluate their ecosystems, it’s come time for companies to assess which technologies and services they need to fully realise an agile and flexible system. They have to consolidate multiple platforms and solutions across multiple devices and collaboration tools and do all this without losing data, cohesion or functionality. Most companies are juggling so many different solutions, data points, entry points, cloud platforms and collaboration tools that they’re not sure where to start building a cohesive remote or hybrid working offering.

“Another challenge is that companies are now under pressure to refresh their technology so their devices and data storage systems are capable of handling the processing and storage requirements of the modern organisation,” says Yeates. “You need hard drives, SSDs, devices, security, anti-virus and connectivity. All these components are essential to the smooth operating of a digital and agile company, but the question is – who implements them? Who delivers them?”

With workers scattered across the world, globe and country, how does a company deliver the right tools to its people? How does it ensure that loadshedding doesn’t impact productivity? How can you manage seamless connectivity? Every one of the answers to these questions costs the business money. Each answer also has to scale as the company and its working environment evolve and has to be maintained and managed consistently.

“While all these devices and solutions are ideal for putting the business on the digital map and the global stage, they also break down or stop working and require troubleshooting. Now, companies have to pay for technicians to go out and resolve any technical problems that workers may have and each time they go out, it costs the company money,” says Yeates. “Suddenly, there is a lot of noise that most organisations don’t have the tools to silence.”

Yes, desktop support for remote workers is time-consuming, challenging and expensive, but abandoning it is not an option. Not when it delivers clear and measurable value and returns to the business. So, the real question is – how can the business address the burden of desktop support without compromising on remote working?

Enter the managed services solution. A third-party company that takes on the management, distribution, maintenance, security and delivery of all remote and hybrid working technology. Companies think that outsourcing costs more, but the reality is in most instances, they are able to extract significantly more value and around 30% less cost than their own IT support staff. The remote desktop managed services support offering that’s evolved alongside the changing working environment is designed to scoop up the fiddly bits that legacy operational processes have left behind.

“A third-party service provider will have a dedicated monitoring desk that can deal with problems in real-time and keep the cogs of the business running smoothly,” says Yeates. “Remote working throws up a significant volume of tickets and a service provider is focused on resolving those across multiple fronts – security, connectivity, device functionality and more. Also, thanks to remote connectivity services, the service provider doesn’t have to physically be on-site, they can resolve most issues remotely which saves money and time.”

Desktop support for remote working is challenging, but with the right managed services partner it can shift from a burden to a collaborative experience. Using a dedicated service provider will ensure that the business has resources, overflow management, upgrade and maintenance management and access to security and network tools that ensure seamless service delivery.