4 mins

As companies start to gear down for the holidays, so begins the busiest time of year for cyber criminals. Networks and company systems are typically watched with less scrutiny by skeleton crews, making it a prime time for hackers to ramp up spam, phishing, ransomware, and malware attacks. Employees can also be distracted or in a rush to finish tasks as the business prepares to shut down, so they may let their guard down, miss signs of a cyber attack, practice poor cyber safety, or get duped through social engineering.

Ransomware and Phishing Love The Festive Season Too

A report in December 2021 showed that ransomware attacks increase by 30% on average across the world during the holiday season while attempted ransomware attacks grow by 70% in November and December[i]. Phishing attacks also increase dramatically, with statistics in 2021 showing an increase of 150%, as email communication around Black Friday deals and festive season offers flood inboxes[ii].

With companies’ security postures directly linked to the possibilities of attack, businesses should know the cold hard truth about their cyber security health ahead of the festive season.


A vulnerability audit is the starting point for any business that has no view of its security posture.

The Real Gift of Vulnerability Assessments and Audits

Vulnerability assessments reveal how organisations’ people, networks, endpoints, and web applications could give attackers unintentional access to confidential company data based on how they have been designed and managed. 

Performing regular network vulnerability assessments is the best way to mitigate cyber risks, identify network issues, and fix vulnerable areas before any malicious unauthorised actions can happen.


For most businesses, a vulnerability audit is an eye-opener, especially for those that believe they’ve got their cyber security sorted. Companies often apply what they can afford to the areas of the infrastructure they believe to be most important, but this approach is costly and not always effective, especially when solutions are badly configured, left unmonitored or out of date.

Staying a Step Ahead: Find Out the Unknowns

One study revealed that 84% of companies have high-risk vulnerabilities on their external networks but that half of these could be removed simply by installing updates[iii].

It’s impossible to protect what you don’t know needs protecting.


“Unfortunately, a lot of businesses have no idea where or how they are vulnerable. As threats and threat actors are constantly evolving, vulnerabilities are always shifting, making it prudent for businesses to have cyber security health checks regularly, and before periods when cyber crime is known to increase,” Charl Ueckermann, Group CEO, AVeS Cyber Security.

Knowing where gaps and vulnerabilities lie is the only way of ensuring that cyber security is beefed up adequately to address them. Patchwork efforts to close security gaps reactively are hardly ever effective, according to Ueckermann.

Pave the Way for Success

Additionally, the cost of protecting systems and data against cyber threats can rocket when investments in security technologies aren’t planned and don’t consider the company’s specific risks. At the heart of keeping company networks safe and security costs as low as possible is choosing the right tools for the job, configuring them properly, and monitoring them.

Regular cyber security health checks will pinpoint the most critical operational risks and unique security challenges before attackers exploit their weak links. Until then, it’s all just a shot in the dark.


“With advanced and diverse methods of attack, the overall security posture of network systems, endpoint systems, email users and web applications should be evaluated regularly. An email security scan is just not going to cut it, especially if the software is not updated or if there are loopholes elsewhere.


AVeS Cyber Security urges South African companies to get ahead of cyber criminals this festive season by getting cyber health checks done on their systems. The company is offering affordable Black Friday packages to help companies get equipped for a cyber-safe festive season. The packages are focused on equipping businesses to understand where their vulnerabilities are.

Don’t be scared to discover the loopholes in your organisation’s security architecture and cyber security awareness weak points. Know where you stand so that you know where to begin to protect systems, employees, and customers.



Make use of any of the following Festive Specials to help protect your organisation against cyber crime:

      • Internal Vulnerability Scan: Scan of the internal network for any vulnerabilities on endpoints and at a network level.
      • Security Health Check: Review of the technical configuration of an implemented technology, such as endpoint protection or firewall configuration, and report of security risks.
      • 5-Day Technical Risk Posture Assessment: Review of the technical configuration of all your existing technology implementations. It provides a holistic overview of security gaps within the entire IT environment.
      • External WebApp Scan: Scan of the external public-facing platforms. It provides a report on all detected vulnerabilities.
      • 5-Hour Remote Bundle Support: Remote support bundle to use for technical support.
      • 10-Hour Remote Bundle Support: Remote support bundle to use for technical support.
      • 50% Off 90-minute Live, Interactive, Instructor-led Cyber Awareness Webinar: An interactive, in-person or live online cyber security awareness training session.
      • 20% Off Fully Managed GoldPhish Cyber Awareness Training Platform: 12-month access to an innovative, interactive, web-based cyber security awareness training and simulated phishing platform.
      • Managed Cloud Backup for M365: Fully managed cloud backups of Microsoft 365 data with no infrastructure investment.
      • CIS-Based Assessment for Azure: Deep dive into Microsoft Azure environments’ security with a CIS[iv]-based assessment, documented findings with recommendations, and a remediation roadmap.
      • CIS-Based Assessment for M365: Application-driven assessment and findings of the Microsoft 365 tenant’s security configuration. It includes aligning the findings into priority groups and creating a CIS-based report.
      • Online 5-day Information Security Assessment based on ISO 27001: Comprehensive maturity assessment of information security, cyber security, and privacy based on an international information security standard.
      • Online 5-day POPI Act Assessment: Comprehensive assessment of the company’s related practices and activities in alignment with the requirements of POPIA[v].
      • Online 2-day I&T Governance and Management Masterclass based on COBIT 2019: Learn what your IT objectives and practices are, how to align them, and which activities the business requires from IT.
      • Online 2-day Information Security Masterclass based on ISO 27001: Learn about the international requirements and implementation guidelines for information security, cyber security, and privacy. Topics include tips to protecting three aspects of an organisation’s data: its confidentiality, integrity, and availability.
Do you like this article? To receive our monthly newsletter sign up for our newsletter here.

Get ahead of cyber criminals this festive season

Put your mind at ease with our hand-picked Festive deals and keep cyber criminals at bay this December. Secure your networks and rest assured knowing that the A-Team has your back.

Pin It on Pinterest

Share This