Social media use is putting businesses at a high risk of cyberattacks.
Cybercrime poses an increasing threat to South African businesses, and the latest data from IBM states that the average cost of a data breach for a local business stands at R41.1 million. In fact, some analysts even estimate a figure of R53 million.
The use of social media at work, particularly on devices connected to the internal network, is putting businesses at a high risk of cyberattacks and data breaches, according to ESET.
“With cyber criminals deploying increasingly sophisticated tactics, one careless click on a fake social media ad from a work device can unleash devastating malware, trigger phishing attacks, or compromise an entire company’s sensitive data,” says Carey van Vlaanderen, Group CEO at ESET Southern Africa.
Richard Ford, Regional CTO at Integrity360, says the focus needs to shift away from pure awareness towards building resilience in your business.
“Knowing that fast food is unhealthy does not, on its own, create a healthy lifestyle. Similarly, knowing about cyber threats does not, on its own, protect an organisation’s balance sheet,” Ford said.
“The conversation in the boardroom must evolve from asking ‘Are our employees aware?’ to ‘Is our business resilient?’ Resilience is not a passive state of knowledge; it is an active, measurable capability to anticipate, withstand, and recover from cyberattacks, ensuring the organisation continues to function and protect its value.”
ESET’s Carey van Vlaanderen says there are two main risks when it comes to employees using social media at work.
The first is the sharing of sensitive data, such as client details, financial figures and even login credentials, on platforms that weren’t designed with cybersecurity in mind.
Phishing is the other significant risk, where employees are tricked into clicking on malicious links via fraudulent ads or direct messages.
According to research by forex broker analysts at BrokerChooser, South Africans are among the most exposed to high-risk and fraudulent financial ads online.
A single click on one of these can introduce malware, trigger phishing attacks or compromise sensitive information, and this can rapidly escalate into a company-wide vulnerability.
Van Vlaanderen says the increasing sophistication of AI is making it even harder for employees to distinguish between legitimate and fake.
WhatsApp, a go-to tool for workplace communication, has become a risky platform: attackers recently exploited a glitch that allowed them to infiltrate victims’ phones and steal data. This is despite Meta having recently removed more than six million scam-linked WhatsApp accounts globally.
“These platforms were built for consumers, not corporations - so they don’t offer the same level of security and privacy protection that purpose-designed systems guarantee. Operating outside formal safety controls, risky cyber activity can easily bypass protections and go unnoticed,” says van Vlaanderen.
“Even just sharing details about work, clients, and colleagues online can be risky, since it provides cybercriminals with all the information they need to impersonate managers in business phishing emails. From employee through to CEO, everyone needs to remain vigilant and be thoughtful about what they are posting online,” says van Vlaanderen. “These are all things that can be included in a business's social media policy.”
She said training employees to identify risks on their own was critical for keeping up with rapidly evolving threats.
Integrity360’s Richard Ford says employees not only need to know how to spot a threat but also how to respond.
“When an employee spots a potential threat, is the process for reporting it immediate and unambiguous? Do they know exactly who to contact without having to consult a manual? Empowering employees means equipping them not just with knowledge, but with straightforward, drilled procedures that make the right action the easiest action. This transforms them from a potential liability into a distributed threat detection network,” Ford said.
He said true resilience is built in the layers behind your employees. Companies should also be able to minimise the impact of an inevitable attack and deal with it quickly, as the longer an attacker remains undetected, the more data they can steal. This is where a Managed Detection and Response (MDR) system comes into its own.
“Business leaders must begin asking different questions of their security teams. Move the focus from awareness metrics to resilience capabilities. How quickly can we detect and respond to a breach? Have we pressure-tested our response plan with the executive team? Can we quantify our most critical risks in financial terms?” Ford concluded.
IOL Motoring