Strategies to mitigate ransomware related cyber-attacks in South African financial institutions

Abstract

Digital transformation has become topical amongst many organisations and industries alike. Inherent to the adoption of technology to optimise business processes and operations, cyber-attacks have become a growing concern, with ransomware becoming a top concern for organisations. South African banks have not been immune to the associated ransomware risks, as threat actors continue to find motivation to attempt infiltrating SA banks, compromising their confidentiality, integrity, and availability thereafter and demanding a ransom. Cyber-resilience is positioned as an attractive strategy to prevent and mitigate ransomware attacks. This study investigates the effectiveness of employing a cyber-resilience strategy in mitigating ransomware attacks within South African financial institutions, in particular SA banks. The study explores various best practices and factors that influence cyber-resiliency, the role that management plays in ensuring cyber-resiliency, and finally, various methods that can be employed to assess the effectiveness of cyber-resilience as a strategy. The study employs a qualitative research approach, using semi-structured interviews to collect data. With the permission granted by participants, all interviews were recorded, transcribed, and then analysed using thematic analysis. The research questions, which delve into the outlined research objectives, serve as a guide for the discussions of the findings. Literature and findings from the study show that ransomware is considered a top concern for SA banks, with an agreement that “it is not a matter of if ransomware attacks will happen, but rather a matter of when.” In response to this, findings show that the organisations covered in the scope of the study have employed a cyber-resilience strategy for prevention and mitigation of ransomware attacks, as it is noted as an effective strategy in preventing and mitigating ransomware attacks