Business Daily Media

Men's Weekly

.

Cybersecurity is on the rise: What your business should do about it

  • Written by Josh Lemon, certified instructor at SANS Institute and managing director, APAC, digital forensics & incident response at Ankura

Without the correct technology and trained cyber personnel in place by businesses, the sudden transition to remote working last year held a door wide open for cybercriminals to gain access to a business’ data. The ACSC Annual Cyber Threat Report revealed the severity of cyberattacks are increasing due to the growing dependence on information technology platforms and interconnected devices and systems. 


Australian businesses need to be mindful of cybercriminals’ tactics that exploit vulnerabilities and weaknesses in their systems. The Verizon DBIR report shows us that an organisation’s primary weakness is in its people, which is why it’s important for individuals to be aware of cyber threats at all times, as they are a business’ first line of defence.  


According to the Office of the Australian Information Commissioner’s Notifiable Data Breaches Report, for the July-December 2020 period, 58 per cent of the 539 breaches reported were a result of malicious or criminal attack, while 38 per cent were due to human error. 


These findings alone, highlight the need for organisations to invest in cybersecurity training for their employees to instil best practices into the business. By doing so, organisations will strengthen their cyber resilience and help to reduce the amount of overall data breaches Australian businesses experience. 


One mistake can make an entire business vulnerable 

Cyberattacks are one of the most prominent threats facing individuals and businesses. A fault in a technical product or service that lacks ‘secure by design’ principles can forfeit an organisation’s system and be made vulnerable to cybercriminals to exploit their network. At which point, the fate of the business rests solely in the hands of a malicious threat actor. 


If this happens, the best solution for the business is to securely isolate these systems and monitor their systems and networks for threats through the use of active detection and response tools. 


Compromising a vulnerable system isn’t the only way threat actors find their way in. Social engineering remains the preeminent way for threat actors to get access to a computer, with 85% of breaches last year involving human interaction (Verizon DBIR 2021 report).


Social engineering is a psychological attack. In one of these attacks, the victim is tricked into doing something they should not do. This could include providing credentials and passwords, or it could be by clicking on a link in an email that then downloads malware onto the user’s computer. Once malicious malware is in place, the threat actor has the power to do just about anything they want whether it is looking for confidential data, extracting data from the victim, or encrypting data to hold for ransom. 


Businesses and individuals, alike, need cybersecurity training to decrease the number of breaches by spotting social engineering attempts. Furthermore, businesses need to be continually implement software updates to their systems, in a timely manner, to ensure their data is safeguarded. 


Training programs that increase employees’ understanding of cybersecurity and the threat landscape should not act as a business’ entire cybersecurity strategy, but instead form part of it. By having a workforce that knows what to look out for, the organisation is better-positioned to combat malicious attacks and places less dependence on one solution (e.g. technology infrastructure). As we march into the second half of 2021 and continue grappling with remote-working models, it’s imperative organisations educate their employees to increase cyber resilience and decrease the number of breaches we see.



Josh Lemon, certified instructor at SANS Institute and managing director, APAC, digital forensics & incident response at Ankura

Minns Labor Government shutting down the Business Connect program

The NSW Opposition is concerned that the Labor government will shut down a support program that has assisted New South Wales businesses. In a media ...

Samsara Eco appoints Dr. Lars Kissau as General Manager for Asia

Australian biotech innovator Samsara Eco has announced the appointment of Dr Lars Kissau as its first General Manager of Asia. Based in Singapore...

From the first bounce to the final siren - small business lessons from the AFL Grand Final

The AFL Grand Final is one of the most anticipated days on the sporting calendar. This Saturday, the Geelong Cats and Brisbane Lions will battle i...

Australia’s top finance leaders recognised as CFO role expands

Amid surging regulatory demands and rapidly evolving industry, Australia’s most influential Chief Financial Officers will be honoured at the inaug...

Why outdated security leaves small businesses exposed to crime

Small and medium businesses in Australia are under increasing pressure to address security gaps that criminals readily exploit. An unlocked door, an...

Why it’s time telcos rethink location and put customer experience first

Maurice Zicman, Vice President - CX Strategy at TP in Australia unpacks why the telco industry must rethink old assumptions and focus on digital-f...

Sell by LayBy