Authored by: Jonathan Crisp, Risk Intelligence Committee Member at The Institute of Risk Management South Africa

In speaking to Junaid Amra, head of the Forensics Technology Solutions division at PwC, it is somewhat terrifying to hear the extent and sophistication of organised cyber-crime, and that it is on the increase. This, at a time when the world is reeling from the effects of COVID-19.

PwC has various business units within their forensics technology division ranging from eDiscovery, search and seizure operations, data analytics, threat intelligence (which includes the monitoring of social media and the underground dark web) and an incident response team.

A shocking fact is that at the time COVID-19 struck, medical facilities were targeted aggressively by cyber criminals. One of the first recorded incidents was a medical facility in Prague where cyber criminals targeted a COVID-19 testing centre and disrupted operations.

What was interesting however, is that as cyber criminals and all their loved ones fell ill, the conversations on the dark web changed to being unacceptable to target medical facilities; so the demand for stolen medical data dropped as certain sites refused to publish the information and holding medical care facilities ransom decreased significantly.    

Cyber threats can be categorised as follows:

• State funded cyber warfare can include state sponsored espionage, corporate espionage focused on various sectors (such as defence, finance, mining etc) and hacking politically exposed individuals. Geopolitics are currently playing out in the cyber arena.

Recent examples of this are state sponsored hackers breaking into ship building facilities looking for ice breaker ship technology/schematics in their race for the Arctic, other players have been targeting research on COVID-19 vaccines and there have also been continued attacks between India and Pakistan from a cyber-warfare perspective etc.
In our own country, cyber hacking of high profile politically exposed individuals remains a huge threat. Imagine how advantageous it is for corrupt individuals files to just disappear or be amended ‘appropriately’.  At a time when our country is being sunk by the corruption of unscrupulous individuals, now more than ever we as civil society require justice and transparency, which requires the protection of and integrity of our state systems and information. 

• Organised crime which is focused on financial gain. These organisations are becoming more and more sophisticated and are no longer ‘mom and pop shops’ but rather well organised profit-driven corporate organisations.These organisations setup specialised divisions such as a software division for the development of malware software, a distribution network division, a money collection division etc. These organisations are expanding their operations by identifying channel partners to distribute their malware for a share of the proceeds. It is not uncommon for these criminals to realise a return on investment (ROI) of up to 400% on their malware based on some information seen in surveys in this space.

• Activists who express their anger and discontent through hacking. Good examples of this are Anonymous, who in April 2012, hacked 485 Chinese government websites (some more than once) to protest the treatment of their citizens and Blueleaks who recently leaked the personal information of 700,000 law enforcement officers.Other examples include the Arab spring, cyber-attacks against the SABC in 2016 /2017 when the SABC decided not to air the country-wide protests at that time and attacks on the sponsors of the football world cup held in Brazil in 2014 by those who did not want the tournament held in Brazil. 

• Insiders such as employees and 3rd party service providers. The motives can be for personal gain, revenge (i.e. disgruntled employees) or insiders recruited by nation states. An increasing threat are ‘accidental’ insiders who unwittingly do silly things that end up exposing data and / or backdoors into their systems and data.What is disturbing is the increase in IP (intellectual property) theft by executives who leave an organisation due to retrenchment, to join another company or start their own company. Stolen IP may well give these executives a strategic advantage when joining a competitor company or starting their own businesses. There has been an increase in Anton Piller orders relating to IP theft, which is a court order that requires the defendant in proceedings to permit the plaintiff, or their legal representatives, to enter the defendant's premises in order to obtain evidence essential to the plaintiff's case.

There are no official stats for cyber-attacks in South Africa as legislation compelling organisations to declare incidents is lagging in South Africa. PwC statistics over the COVID-19 period show that there was a significant increase in cyber-attacks on sectors such as retail, manufacturing, telecoms and construction.
This was based on leaked information posted by attackers. These sectors are easier targets compared to the financial sector since they traditionally do not invest as heavily in cyber security as the financial sector. As result of COVID-19, there has been less demand for stolen credit card details due to the slowdown in international travel.

PwC recently analysed the top 250 emerging technologies and have come out with a list of 8 technologies that they believe will be the most transformative to organisations in the next 3 to 5 years. The 8 transformative technologies are:

• Artificial Intelligence (AI). For example, PwC is leveraging AI technology to speed up investigations through the use of natural language processing on unstructured data.
• Augmented reality: Augmenting a virtual world into the real world. For example in complex manufacturing where the operator wears glasses to show them how to fit a part.
• Blockchain creates trust because it represents a shared record of the truth. Data that everyone can believe in will help power other new technologies that dramatically increase efficiency, transparency and confidence.
• Internet of Things (IoT): IoT is moving towards more intelligent devices not just monitoring but also performing actions such as in the mining industry using technology not only to monitor air quality but perform actions based on what is detected.  
• 3D printing: where the organisation’s IP and schematics become critical to their business rather than their ability to manufacture.
• Virtual Reality: For example, simulating a disaster with employees wearing VR glasses to train them how to react in a real disaster.
• Robotics: there are huge advances in the building of robots including the material used with hydraulics being replaced with synthetic materials which look and feel like human tissue making it difficult to differentiate between robot and human in physical form factor.
• Drone Technology: Essentially, a drone is a flying, land or water robot that can be remotely controlled or fly autonomously through software-controlled flight / route plans in their embedded systems, working in conjunction with onboard sensors and GPS. From surveillance to distribution, the uses for such technology are endless.

Businesses will and are starting to use a combination of these transformative technologies to fast track their businesses. These technologies introduce a whole new set of risks which arguably businesses are not prepared for and don’t have a handle on.

In summary, the convergence and timing of the following events, if not managed effectively, may contribute to a ‘perfect storm’ and destroy an organisation:

• COVID-19 which has triggered a changing work pattern with many people working from home or a hybrid of office and home. The defined perimeter of an organisation is expanding and opening up additional vulnerabilities. According to Junaid, on average attackers sit on a network for 60-130 days without being detected. Far more work needs to be done in terms of detective controls and to detect attackers and remove them from networks and systems as soon as possible. 
• Transformative technologies introduce a whole new set of risks which are not fully understood by organisations who are already rolling out these new technologies. This shouldn’t stop the adoption of these technologies, however organisations need to ensure that the risks are appropriately understood and treated ahead of being implemented.
• Cyber-criminal operations which are becoming far more sophisticated and are starting to be run like large-scale corporates with specialised divisions including outsourced channel partners to drive the large-scale distribution of malware for example. Don’t forget that these organisations have budgets and profit targets and spend all day every day finding ways to infiltrate your systems, hold you ransom and/or leak your data and/or steal your IP.

Questions to consider as assurance providers:

• What are we doing as risk and assurance providers to identify, understand and get on top of new risks associated with these new transformative technologies?
• What are we doing to demonstrate to our management and board (governing body) that cyber risk is not just an IT problem for IT to fix but is a serious business risk and is everyone’s concern?  
• What are we doing to ensure that we add value and are seen as a trusted advisor in the strategy setting of our organisation? As per principle 4 of King IV: on strategy, performance and reporting: The governing body should appreciate that the organisation’s core purpose, its risk and opportunities, strategy, business model, performance and sustainable development are all inseparable elements of the value creation process.

ENDS

MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za 
 
For more information on IRMSA please visit:
Website: https://www.irmsa.org.za/
Twitter: https://twitter.com/IRMSAInsight
Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl
LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/

President Cyril Ramaphosa, as chair of the National Command Council established under the Disaster Management Act, will tonight be honoured by the Institute of Risk Management South Africa (IRMSA) for the impact the Risk Adjusted Strategy had on responding to the enormous risks posed by the Covid-19 pandemic on the country and its people.
​
Jackson Mthembu, Minister in the Presidency, will accept the Risk Influencer of the Year Award on behalf of Pres Ramaphosa during the annual virtual awards ceremony.

Broader recognition 
IRMSA introduced the Risk Influencer of the Year Award three years ago in recognition of individuals or organisations in business or government who are not risk professionals, says Gillian Le Cordeur, CEO of The Institute of Risk Management South Africa.

“However, their understanding of the importance of risk management impacts directly on the work that we as risk professionals do. It elevates the role of the institute and the importance of effective risk management.”

Throughout the year the IRMSA board considers any individual or organisation that has influenced or impacted business or society through their leadership role and the promoting of the value and importance of risk management. 
 
Unanimous decision
The Risk Adjusted Strategy implemented by the President and his council received the unanimous vote from the IRMSA Executive Committee. The strategy has made the biggest impact during an extraordinary moment in our country, says Le Cordeur.

The strategy considered the impact of the coronavirus and developed measures in which business, the economy and individuals could navigate the risks associated with the coronavirus.

Elevate communication
The institute was able to elevate its communication and advice with government on the risks posed by the virus.

“We are delighted with the fact that the Presidency, as a corporate member of IRMSA, acknowledged the role of risk management through its Risk Adjusted Strategy and the role risk management plays, whether it is a pandemic or a process or any other risk facing the country,” says Le Cordeur.

Previous winners  
Since the inception of the award prominent leaders such as Clem Sunter, South Africa’s most highly regarded scenario planner and strategist, received the award for integrating risk management into his approach to scenario planning and actively involving and supporting the risk profession in that regard.

The King Committee received the award for the King IV Code that highlighted the role of risk management in governance.

Last year the Risk Influencer of the Year went to Chief Justice Mogoeng Mogoeng, for his active role in promoting the importance of risk management for South Africa ensuring that we respond to the right opportunities, highlighting new risks as they emerge whilst managing those that already exist. 

Also, for putting those significant risks our country faces in the spotlight.  Risks like greed, corruption, climate change, leadership and crime, to name a few.

ENDS

MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za 

For more information on IRMSA please visit:
Website: https://www.irmsa.org.za/
Twitter: https://twitter.com/IRMSAInsight
Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl
LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/

The Institute of Risk Management South Africa (IRMSA) says that its annual Risk Report, due to be launched in February 2021, will be one of its most important yet.
 
Published annually, IRMSA’s Risk Report is widely seen as the definitive examination of the risks faced by South Africa and the organisations that operate within its borders.
 
Christelle Marais, Vice President of IRMSA and the Chair of the Risk Intelligence Committee, says that the 2021 report will focus on lessons learned from the COVID-19 crisis for the risk management discipline.
 
“Most organisations had a pervasive risks such as a pandemic on their risk registers, but few, if any, anticipated the real extent of the risk it actually posed,” she explains. “Because the world is so interconnected, the real issue is not the pandemic risk as such, but rather similar risks that could materialise in an equally far-reaching manner. Our risk report strives to answer the question: What do we as a country and as individual organisations need to be doing to deal with systemic risks of this scale?”
 
Last year, IRMSA introduced some major methodological changes to its report, designed to make it  more useful to risk decision-makers outside of the risk management discipline and to address the concerns of CFOs and COOs more directly.
 
This approach will be continued this year, with the JSE assisting IRMSA to connect with decision-makers in the private sector; a wide range of public-sector decision-makers will also be included.
 
“Our aim is to ensure that this report will help organisations not only understand the risks they face, but also to see their risks within the context of the sector in which they operate and the national and global socio-economic contexts, as well,” Ms Marais says.
 
The 2021 report will be divided into five sections that take readers on a journey.
 
Section 1 will incorporate insights from top South African leaders in the private and public sectors, small-medium enterprises and non-profits.
 
Section 2 will examine the scenarios that South Africa is facing, and will provide a discussion about systemic thinking and risk appetite.
 
Section 3 will then examine each of the identified risks in detail. While some of these risks will naturally have been carried over from last year, new ones will also feature—for example, the risk that COVID-19 has changed consumer behaviour for good.
 
In the final two sections, the report will identify the competencies that South Africa as a country as well as South African organisations will need to succeed. Qualitative input will be sourced from C-Suite leaders via a survey, and highly specialised qualitative analysis will be used to generate useful insights. The report will culminate in a call to action for all to collaborate as we build a risk resilient country.
 
“Each time a risk materialises, we learn more about what risks means in a world that’s increasingly complex,” Ms Marais concludes. “The IRMSA Risk Report is required reading in a world that is increasingly uncertain and in which the effects of risk are increasingly difficult to predict.”
 
ENDS

 
MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za 
 
For more information on IRMSA please visit:
Website: https://www.irmsa.org.za/
Twitter: https://twitter.com/IRMSAInsight
Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl
LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/