SRS Advanced Security Center
SRS’s Advanced Security Center (ASC) in Nairobi is a “knowledge
factory” that is used to address various technology issues. SRS created
the ASC to provide a controlled environment in which leading
security professionals conduct security testing activities.
The centers also provide training, demonstrations, and an environment that facilitates interaction, knowledge transfer, and project collaboration.
Security experts warn Kenya faces growing cyber threat
SRS was recently asked by the Business Daily magazine to provide insight into the issue of cyber security and its impact on Kenya. One of SRS directors, Jason Finlayson gave some comments on this. Read on below:
Security experts have sounded renewed warning that Kenya stands the risk of becoming one of the world’s major information security hotspots due to the general lack of awareness on existing threats, absence of a dedicated cyber security watchdog and legal framework.
Financial institutions and companies are primary targets as the defence of sensitive data is not being upgraded in tandem with shifting threats.
“As a whole, the current level of cyber security in the country is in immature stage - while there has been some progress over the last year, not enough is being done to secure vital information,” said Jason Finlayson, Director of Operations at Security Risk Solutions.
Mr Finlayson said that the country risked joining South Africa, Nigeria, Cameroun and Ghana as one of the African countries that are quickly becoming as havens for e-criminals.
“With increased fibre connectivity, we can expect the number of opportunistic attacks originating from Kenya to increase exponentially,” said Mr Finlayson.
Following last year’s arrival of high speed internet connectivity through undersea fibre optic links, an increasing number of industry analysts have raised the alarm over the security preparedness of Kenyan companies Financial institutions, mobile service providers and companies that have an online presence have been tagged as prime targets for hackers – malicious programmers who break into computer systems - as the country moves more of its business processes online.
Security analysts say the advent of high speed connectivity will draw the attention of international hackers who were previously put off by time it would have taken to break into local websites. In addition, many companies put themselves at risk due to a lack of awareness of the threat.
Rise in theft
Currently, the biggest security issues facing companies in the country is information theft by employees, who can siphon information from company data banks and pass it on to competitors.Security Risk Solutions said that the last year had seen a rise in syndicated thefts - where employees of banks collude with international hackers to coordinate theft attacks and later share the spoils.
“Alongside credit card fraud, this is the most prevalent theft currently being encountered by local banks,” said Mr Finlayson.
For companies in the financial sector, such employees tend to undertake fraudulent activity such as monetary theft by manipulating data.
“Poor governance by firms and the changing market dynamics have created the need for evolving solutions. Companies need to have a holistic view of their security needs,” said Collin Mamdoo, the chief operating officer of IS Solutions.
Financial institutions and companies are primary targets as the defence of sensitive data is not being upgraded in tandem with shifting threats.
“As a whole, the current level of cyber security in the country is in immature stage - while there has been some progress over the last year, not enough is being done to secure vital information,” said Jason Finlayson, Director of Operations at Security Risk Solutions.
Mr Mamdoo said that many companies were wary of the hefty costs associated with deploying an effective security solution which was leading to more solutions being outsourced.
Confidential information
“There has been a move from companies buying the software to buying service packages that are outsourced. Often, companies can save time, money and talent by using this option,” said Mr Mamdoo.A recent report from Symantec Corp revealed that malicious code activity continued to grow at a record pace throughout 2008, primarily targeting confidential information of computer users.
The report said that cyber criminals were profiting from creating and distributing customised threats that steal confidential information, particularly bank account credentials and credit card data.
“The unfortunate reality is that innocent Web surfers can visit a compromised website and unknowingly place their personal and financial information at risk. Computer users have to be extra vigilant about their security practices,” said Marc Fossi, executive editor, Symantec Internet Security Threat Report XIV.
2010/05/24 - Extracted from the Business Daily Magazine published May 24th 2010
Security News
 |
|
|
|
|
 |
 |
 |
 |
|
Securing a computer system has traditionally been a battle of wits: the penetrator tries to find the holes, and the designer tries to close them. - |
|
|||
 |
|
|||
 |
 |
|
||
 |
|
|||
Security Risk Solutions Ltd Partners
|
|
|||||
Security Risk Solutions Ltd.