Without the correct technology and trained cyber personnel in place by businesses, the sudden transition to remote working last year held a door wide open for cybercriminals to gain access to a business’ data. The ACSC Annual Cyber Threat Report revealed the severity of cyberattacks are increasing due to the growing dependence on information technology platforms and interconnected devices and systems.
Australian businesses need to be mindful of cybercriminals’ tactics that exploit vulnerabilities and weaknesses in their systems. The Verizon DBIR report shows us that an organisation’s primary weakness is in its people, which is why it’s important for individuals to be aware of cyber threats at all times, as they are a business’ first line of defence.
According to the Office of the Australian Information Commissioner’s Notifiable Data Breaches Report, for the July-December 2020 period, 58 per cent of the 539 breaches reported were a result of malicious or criminal attack, while 38 per cent were due to human error.
These findings alone, highlight the need for organisations to invest in cybersecurity training for their employees to instil best practices into the business. By doing so, organisations will strengthen their cyber resilience and help to reduce the amount of overall data breaches Australian businesses experience.
One mistake can make an entire business vulnerable
Cyberattacks are one of the most prominent threats facing individuals and businesses. A fault in a technical product or service that lacks ‘secure by design’ principles can forfeit an organisation’s system and be made vulnerable to cybercriminals to exploit their network. At which point, the fate of the business rests solely in the hands of a malicious threat actor.
If this happens, the best solution for the business is to securely isolate these systems and monitor their systems and networks for threats through the use of active detection and response tools.
Compromising a vulnerable system isn’t the only way threat actors find their way in. Social engineering remains the preeminent way for threat actors to get access to a computer, with 85% of breaches last year involving human interaction (Verizon DBIR 2021 report).
Social engineering is a psychological attack. In one of these attacks, the victim is tricked into doing something they should not do. This could include providing credentials and passwords, or it could be by clicking on a link in an email that then downloads malware onto the user’s computer. Once malicious malware is in place, the threat actor has the power to do just about anything they want whether it is looking for confidential data, extracting data from the victim, or encrypting data to hold for ransom.
Businesses and individuals, alike, need cybersecurity training to decrease the number of breaches by spotting social engineering attempts. Furthermore, businesses need to be continually implement software updates to their systems, in a timely manner, to ensure their data is safeguarded.
Training programs that increase employees’ understanding of cybersecurity and the threat landscape should not act as a business’ entire cybersecurity strategy, but instead form part of it. By having a workforce that knows what to look out for, the organisation is better-positioned to combat malicious attacks and places less dependence on one solution (e.g. technology infrastructure). As we march into the second half of 2021 and continue grappling with remote-working models, it’s imperative organisations educate their employees to increase cyber resilience and decrease the number of breaches we see.
Josh Lemon, certified instructor at SANS Institute and managing director, APAC, digital forensics & incident response at Ankura