Episode 46

The Challenges and Best Practices of Cyber Security in Emerging Markets

“While developed markets may today bear the brunt of cyber breaches, emerging markets are no less vulnerable. Their risks arise from weak processes and governance, the complexity of global supply chains, the need to remain low cost to attract investment, and the rapid adoption of technology without adequate cyber defenses.” Andre Keartland, Solutions Architect at Netsurit, Johannesburg, South Africa, speaks to these realities and offers guidance on managing cyber risks and implementing robust security solutions.


Time Stamps

00:49 -- We have a lot to talk about. But let's first talk about your professional journey.

04:05 -- It would be beneficial if you shared with listeners what we mean by emerging markets. You could talk about that first before talking about the trends.

07:20 -- Bottom line, it is my hunch that the cybersecurity phenomenon doesn't discriminate, every country, whether they are part of the emerging block or the developed block, the experiences are kind of similar. What do you think? What are your reactions?

09:54 -- Research finds that risks to emerging markets arise from four areas: 1) the complexity of supply chains; 2) the need to remain low cost to attract investments; 3) the rapid spread of technology without adequate availability or awareness of training; and 4) weak regulations. Would you agree with these?

15:46 -- Andre, you're based in South Africa. Let's say some of the listeners might be interested in working or starting a venture there. As they evaluate the business scene, the pros and cons, how should they look at cyber security as a risk factor? What would be your message to them?

20:57 -- The initial bonding and acquaintance phase is challenging when establishing reliable outsourcing relationships. Andre, any thoughts on that?

25:09 -- What can organizations in the developed world learn from organizations managing cybersecurity in emerging markets?

32:05 -- In developing markets, organizations are more alert, more hungry, and more motivated in putting in place the best possible cyber governance practices. So, the sharing of knowledge, the sharing of experiences can be hugely beneficial. Your thoughts?

43:20 -- I always like to give my guests the final word. So now is your time for some final thoughts.


Memorable Andre Keartland Quotes/Statements

"There might be a perception that developed markets aren't as much of a target, which makes them more of a target because it makes it appealing for the attackers."

"There's even a trend of attackers doing proof of concept of the threats inside an emerging market before they go mainstream and try to attack Fortune 500 companies in North America."

"Threats have no boundaries; once they get going, they affect everybody."

"A low cost model often drives economies in the developing markets. That leads to a mentality and an approach where the organizations will then say, well, let's try and cut our costs as much as possible; let's invest in the core of our products, product development, building, the factory. Supporting functions, like cybersecurity, like governance, become de-prioritized."

"What I recommend in general, when going into any emerging market, and as somebody who's now done business in many, many different countries, you need to take a view of the legislative framework. You need to understand whether the local legal system enforces things like copyright, intellectual property, and privacy laws; sometimes, those are not high priorities in emerging markets."

"The best way to get your skills is to build your skills, get the people in the door, put in place training programs, put in place internships, put in learnerships, put in partnerships between organizations, but then take people, grow them up, and turn them into the cyber professionals that you're going to be needing a decade from now."

"I always say every solution is not just put in place good tech, it's always technology, people and process. So put in the good tools, but also make sure that the people know how to work with it, people know what they have to do, when they have to do it, how they have to do it. And then have the processes that define the policies and the governance and the flow of what we have to do, the task assignments for everybody in that environment. And only if you have all of those covered are you actually going to have a good secure solution."

"Organizations in emerging markets perhaps don't have such a strong culture and history of commitment to governance and supporting functions like cybersecurity."


Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

https://www.imd.org/ibyimd/strategy/mission-critical-how-the-american-cancer-society-successfully-and-securely-migrated-to-the-cloud-amid-the-pandemic/

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

About the Podcast

Show artwork for The Cybersecurity Readiness Podcast Series
The Cybersecurity Readiness Podcast Series
with Dr. Dave Chatterjee

About your host

Profile picture for Dave Chatterjee

Dave Chatterjee

Dr. Debabroto 'Dave' Chatterjee is tenured professor in the Management Information Systems (MIS) department, at the Terry College of Business, The University of Georgia (UGA). He is also a Visiting Scholar at Duke University, affiliated with the Master of Engineering in Cybersecurity program in the Pratt School of Engineering. An accomplished scholar and technology thought leader, Dr. Chatterjee’s interest and expertise lie in the various facets of information technology management – from technology sense-making to implementation and change management, data governance, internal controls, information security, and performance measurement. His work has been accepted and published in prestigious outlets such as The Wall Street Journal, MIT Sloan Management Review, California Management Review, Business Horizons, MIS Quarterly, and Journal of Management Information Systems. Dr. Chatterjee’s research has been sponsored by industry and cited over two thousand times. His book Cybersecurity Readiness: A Holistic and High-Performance Approach was published by SAGE Publishing in March 2021.