What is cybersecurity?
Cybersecurity refers to the protection/defense of the computer networks, systems, servers, and other digital devices that collectively makeup cyberspace.
What are the different types of Cyber Attacks individuals or organizations encounter?
Globally, ransomware is currently the most prevalent threat and many industries and sectors have been affected.
Phishing attacks are also at an all-time high. Phishing is a gateway to other attacks like data leakage.
At an individual level,(s)extortion, revenge porn attacks, and identity theft are also widespread.
Why should individuals, SMEs, both the private and public sectors need to be conscious of cyber security?
Technology has pervaded all aspects of our lives and cyber risks are present in everything we’re doing; from online shopping and banking to social media and telehealth.
This is more relevant than before because the COVID-19 pandemic further accelerated the uptake of technology and saw faster adoption of remote working means and methods which, consequently, blurred the lines a bit between corporate and personal/home technology environments.
What’s the state of cybersecurity in Uganda?
- Cyber security trends?
We’re at, what I call, the take-off stage. Cyber attacks are growing in frequency and sophistication. Legislation is in place but isn’t and well-enforced.
- Why is that the case?
There’s still a dearth of cybersecurity information and awareness.
Information on cyber attacks is not shared by sector or industry. An entity gets attacked and does not disclose, which would otherwise be helpful in making others aware of attacker techniques and helping them adjust accordingly. Also, cybersecurity hasn’t been mainstreamed by the majority of corporate and government entities.
What are some of the best practices for any individual or institution to implement in order to improve their cyber security?
- First and foremost, keep devices and systems patched. Always have the latest available software updates installed. This will do away with vulnerabilities resulting from running out-of-date systems.
- Yes, there are concerns of supply chain attacks (e.g SolarWinds) but these are not in everyone’s threat model.
- Organizations should also endeavor to have complete knowledge and monitoring coverage of their technology assets.
- Multi-Factor Authentication should be enabled and enforced wherever possible.
- Password managers should be used. These help with generating strong passwords/phrases that one doesn’t have to memorize and help do away with password reuse.
- Being mindful of one’s social media postings is another good cybersecurity practice. Some postings include information that may be leveraged to compromise one’s digital security in one way or another.
- Think before you click is another way of staying safe in cyberspace.
- Maintaining a healthy degree of suspicion and taking a moment to think through before clicking on an email/link helps one reduce or even completely avoid malware infections.
What does the Future look like for Cyber Security in Uganda?
The country is waking up to the reality of cybersecurity.
More and more players from the private sector, academia, and government are getting involved so that’s a boon.Education institutions are now offering cybersecurity education, legislation is being updated to cater for cybersecurity and more and more entities are now more cognizant of cybersecurity and are adjusting their policies and recruitment to match.
We’re not where we should be as a country but we’re moving and playing catch up.
CyTeza is a Kampala-based #cybersecurity consulting firm offering cyber offense, defense, managed security, and cybersecurity training services.