Data analysts have warned that businesses have a primary responsibility to protect their customers from cybercriminals. They say whenever there’s a security breach, companies tend to blame the customers for negligence.

However, cybersecurity experts say the responsibility lies with both business and customers.

This is in the wake of the Virgin Active cyber attack, which saw the fitness company going offline last week.

Cybercrime and cybersecurity with Nithen Naidoo:

A data analyst from World Wide Works, Bryan Turner says the attack on Virgin Active’s online platform is one of the most high-profile attacks in the South African IT landscape.

He says it served as a reminder that businesses, whether big or small, are not immune to cyber-attacks.

Turner says customers have the responsibility to ensure that the companies that do business online are compliant with the information code of conduct.

“Our advice is to visit the Papier regulatory website and look on how to set up an information code of conduct. This will most likely provide many businesses with the correct guidelines on how to protect their business and customer data. For customers, after Papier comes into effect in just under 60 days’ time, put pressure on businesses to do business with and ask to see their code of conduct. And if there are aspects of that code of conduct you are not happy with, ask that business to delete your data and stop doing business with them.”

Cyber-attacks a global threat

Cyber-attacks are a global problem and a threat to everyone. On Wednesday, a Belgian Parliament, Universities and Science Institutions were targeted by cybercriminals.

In 2019, the City of Joburg was also hacked. At the same time, both Standard Bank and ABSA informed their customers of internet problems.

Africa experiencing 3 times more cyber attacks than global counterparts:

Africa Analysis’s Derrick Chikanga also agrees that responsibilities are for everyone.

“I think both financial service providers such as banking institutions and customers need to ensure that they do not fall victims to cybercriminals or cyber attack because the threats posed by cybercriminals are real and if not take seriously it could have huge financial implications. Institutions need to continue to invest in the most up-to-date cybersecurity solutions.”

Turner says in the case of Virgin Active, where some of the data include people’s personal health information, it would be best for the company to come clean when it comes to the magnitude of the attack.

“Personal data was most likely compromised in the case of virgin active’s compromised systems, but it wouldn’t be out of the scope that health and financial data was compromised too. Until Virgin Active updates the public about the scope of the attack, we won’t know exactly what was and what wasn’t compromised.”