In May 2020, the personal records of more than 24 million South Africans and nearly 794,000 companies were handed over to someone impersonating a client. The personal records, identity numbers and addresses of millions of people and thousands of businesses were given to this person because they had fooled the system.
It’s a hard lesson in how important it is to embed security not just into the technology and the devices of a company, but into its people. According to Anna Collard, SVP of Content Strategy at KnowBe4 Africa, security is not just the responsibility of IT – it is the responsibility of every single person in an organisation.
“It is critical that organisations create a culture of security in order to combat this increasingly hostile security environment,” she adds. “A successful security culture is driven by leadership, the human resources (HR) department, internal marketing & communication and ongoing security training. Truly agile and capable security is a people project, not a technology one.”
Successful security balances on three pillars: technology, policy and people.