Cybersecurity – a key enabler for growth?
Head of Solutions, Projects and Portfolio for T-Systems South Africa, Rajan Padayachee looks ahead on what cybersecurity needs to look like in 2018 and beyond.
2017 was a difficult year for cybersecurity with numerous phishing scams, ransomware attacks and even some high profile political hacks making the headlines. It is clear businesses need to remain vigilant and be prepared to invest in robust security infrastructure. This sentiment is echoed by Rajan Padayachee, Head of Solutions, Projects and Portfolio at T-Systems South Africa. We sit down with Padayachee to discuss the future of cybersecurity and just how crucial it is to the digital strategy of any modern business.
If last year was anything to go by businesses need to batten down the hatches as far as cybersecurity is concerned in 2018. Hackers are getting smarter and they’ll almost certainly be attempting even bigger breaches in the near future. So, where are businesses at in terms of their attitude towards keeping pace with cybersecurity developments and, more importantly, investing in it?
“The one challenge that we continue to face is that security is one of those services where it only seems to matter to a lot of people when there’s been a breach of some description,” says Padayachee. “It’s almost like a grudge purchase because customers don’t necessarily want to pay for it, but it really becomes an issue when their business is then exposed.”
With close to 130 customers in South Africa as well as its global network, T-Systems is a highly respected company offering end-to-end security encompassing infrastructure, hosting, cloud, network security and application support. Its customers haven’t yet suffered any major security breaches and, as such, Padayachee is well placed to comment on the increased possibility of potential breaches – especially for those businesses going through digital transformation, not to mention the increase in connectivity thanks to the internet of things.
“In the past, the focus was on physical security such as data centres and access control – then we moved onto infrastructure, anti-virus, firewalls and so on, but now you have to be prepared to protect every single transaction. Nobody is coming into your environment to target one specific area. Everything is at risk. This is especially true for businesses embarking on a digital journey because now you have more devices that communicate with your business infrastructure, your employees, your customers etc. The challenge now is to manage your security in a much more complex environment,” says Padayachee.
Attitudes and threats
The days of cybersecurity meaning little more than patch management and firewalling are long gone. “For example, if you’re a retail store and you have intelligent cameras, biometrics, heatmaps and a whole range of digital technology on your network, you need to make sure every piece of infrastructure is secure, bearing in mind a lot of these elements may be coming from all different kinds of providers. You need to take a holistic approach to security. You need to know the ID of every device on your network.”
Another key element of cybersecurity acting as a key enabler for digital growth is not to become complacent, according to Padayachee. “If you have encryption you may think you are secure, but if you look at the processing power available, I don’t think encryption alone will be able to protect you in two or three years’ time. Your security needs to continuously evolve in a changing environment.”
Cost is still a prohibitive element for some businesses being reluctant to invest in security infrastructure, but as Rajan points out, hackers are also evolving as is the increasing severity of their threats. “Ransomware is one of the most common forms of attack at the moment. In the past you’d try to protect your environment, but hackers aren’t coming in to steal your data; there’s so much of it out there anyway. What they do now is they come and make sure you can’t access it. They will then ask you to pay to access it.”
Beating the hackers
These developments in how hackers are now operating has also had an impact on the type of service companies like T-Systems are now offering in an effort to help combat security breaches. “We now offer a sort of simulation exercise where we go in from an executive level, so we’re not looking at it from a pure IT viewpoint,” Padayachee continues. “We try to get them to understand what it means when a business is attacked in this way. So, the conversation is all around us saying: ‘If you’re locked out of your SAP systems then what impact will that have on your business?’ For example, if a healthcare business is attacked it could affect billing, scheduling of patients operations and so on. By having these discussions we have found that a large number of businesses are not prepared to deal with a situation where they can’t access their own systems.”
Millions of cyberattacks take place every year in Africa, especially in South Africa, Nigeria and Kenya. According to 2017 Global Cyber Security Index of International Telecommunications Union, the level of commitment in Africa to cybersecurity is the lowest compared to other continents. Kenya is the 69th most vulnerable country in the Global Threat Index out of 127 nations. The country is estimated to have lost about Sh20bn as a result of cybercrime, but surprisingly 96% of companies in Kenya spent less than Sh515,000 ($5,000) in cybersecurity.
One of Padayachee’s gravest concerns is around how devious hackers are becoming too. “The intelligence is so good they can be in your system for two months before doing anything. Hackers are becoming smarter about the way they attack companies.” So, what can businesses do? “It’s all about being prepared. Really, it’s not a question of if you’ll be attacked, but when. These conversations where we go in and speak to executives are really good because they make people think about how to protect their brand, reputation and business. These people need to know what to do in a situation where they’re asked to pay a ransom. They may even just need to know whether the threat is real or not,” he says.
As the conversation draws to a close, Padayachee admits that while nobody can provide a totally fail-safe environment there are steps that can be taken to ensure damage is prevented or kept to a minimum, but it all starts with investing in the correct robust infrastructure. “No provider can guarantee 100% against security breaches because attacks are evolving, but you still need the right processes in place so that you’re ready. Bear in mind the top organisations in the world have all been compromised at one point.”
5 minutes with... Janthana Kaenprakhamroy, CEO, Tapoly
Founder and CEO of award-winning insurtech firm Tapoly, Janthana Kaenprakhamroy heads up Europe’s first on-demand insurance platform for the gig economy, winning industry awards, innovating in the digital insurance space, and leading with inclusivity.
Here, Business Chief talks to Janthana about her leadership style and skills.
What do you do, in a nutshell?
I’m founder and CEO of Tapoly, a digital MGA providing a full stack of commercial lines insurance specifically for SMEs and freelancers, as well as a SaaS solution to connect insurers with their distribution partners. We build bespoke, end-to-end platforms encompassing the whole customer journey, but can also integrate our APIs within existing systems. We were proud to win Insurance Provider of the Year at the British Small Business Awards 2018 and receive silver in the Insurtech category at the Efma & Accenture Innovation in Insurance Awards 2019.
How would you describe your leadership style?
I try to be as inclusive a leader as possible. I’m committed to creating space for everyone to shine. Many of the roles at Tapoly are performed by women and I speak at industry events to encourage more people to get involved in insurance/insurtech. Similarly, I always try to maintain a growth mindset. I think it’s important to retain values to support learning and development, like reliability, working hard and punctuality.
What’s the best leadership advice you’ve received?
Build your network and seek advice. As a leader, you need smart people around you to help you grow your business. It’s not about personally being the best, but being able to find resources and get help where needed.
How do you see leadership changing in a COVID world?
I think the pandemic has proven the importance of inclusive leadership so that everyone feels supported and valued. It’s also shown the importance of being flexible as a leader. We’ve had to remain adaptable to continue delivering high levels of customer service. This flexibility has also been important when supporting employees as everyone has had individual pressures to deal with during this time. Leaders should continue to embed this flexibility within their organisations moving forward.
They say ‘from every crisis comes opportunity’, what opportunities do you see?
The past year has been challenging, but it has also proven the importance of digital transformation in insurance. When working from home was required, it was much harder for insurers to adjust who had not embedded technology within their operating processes because they did not have data stored in the cloud and it caused communication delays with concerned customers at a time when this communication should have been a priority, which ultimately impacts the level of customer satisfaction. This demonstrates the importance of what we are trying to achieve at Tapoly in driving digitalisation in insurance and making communication between insurers and distribution partners seamless.
What advice would you give to your younger self just starting out in the industry?
Start sooner, don’t be afraid to take (calculated) risks and make sure you raise enough money to get you through the initial seed stage.