In late June this year, the National Health Laboratory Services, South Africa’s public sector diagnostic pathology service, suffered a severe data breach as a result of a ransomware attack. This attack reportedly led to 1.2 terabytes of data being compromised, including third-party, client, and patient information. The consequences of this breach included significant delays in processing blood tests across public health facilities, while systems and databases were blocked.
“The nature of this breach is not novel to South Africa, with many public and private institutions having to fend off cyber attacks at a steadily increasing frequency. Industry leaders such as Mteto Nyati have been warning about the coming onslaught of attacks since the outbreak of Covid-19, stating that the country is “scarily” at risk” comments Ferdinand Steenkamp, Co-Founder at Tregter.
These kinds of data breaches are the result of poor security infrastructure and a lack of organisational cyber-security awareness training, and it has caused a growing sense of anxiety. Steenkamp believes that this increased anxiety creates a dilemma for companies whose bottom line is inherently linked to maintaining a database of customer information for marketing and other purposes: “In fact, it is becoming an existential threat to most organisations today.”
Industries most affected by these shifts in security consciousness include health and retail services, both of which collect and process customer data in large volumes.
“It goes without saying that consumers expect this information to be treated with the utmost sensitivity. Thankfully, a new class of software systems has emerged in recent years to address some of these concerns, leveraging the power and flexibility of the cloud to cater to the large scale storage, analytical processing, and security considerations demanded by customer data. These are commonly referred to as Customer Data Platforms (CDP)” adds Steenkamp.
A CDP is a customer data management software solution consisting of a centralised database that can integrate, manage, and expose consumer data to other systems in order to personalise the customer experience. In layman’s terms – a CDP stores all the data related to your customer in one place.
“You might ask why anyone would want to put all their sensitive data in a single location: Simply to ensure centralised governance and security. When data is distributed across many databases and software systems, managing organisational data access policies becomes increasingly complicated. And, as we’ve discovered across the industry, when convenience and best practices don’t align, corners get cut,” concludes Steenkamp.
CDPs are interesting in this regard, as they are both more secure and more convenient than traditional customer data management solutions, providing a single point of defence for customer data.
“In South Africa, CDP’s can be leveraged to offer companies a tighter grip on their data landscape. Due to the integrated nature of CDPs, compliance with personal data legislation is more streamlined and less at risk of non-compliance or mismanagement as well,” comments Jean de Smidt, Senior Cloud Security Consultant at Capgemini.
Cyber threats are evolving and will continue to demand that businesses evolve and upgrade their own systems. Embracing CDP systems can be an excellent public relations opportunity to demonstrate to customers that data usage and protection are vital to the stability of their operation and that great care and investment are being put in place to ensure customers do not fall victim to the next ransomware attack.
