Business Daily Media
Business Marketing

Cybersecurity is on the rise: What your business should do about it

  • Written by Josh Lemon, certified instructor at SANS Institute and managing director, APAC, digital forensics & incident response at Ankura

Without the correct technology and trained cyber personnel in place by businesses, the sudden transition to remote working last year held a door wide open for cybercriminals to gain access to a business’ data. The ACSC Annual Cyber Threat Report revealed the severity of cyberattacks are increasing due to the growing dependence on information technology platforms and interconnected devices and systems. 


Australian businesses need to be mindful of cybercriminals’ tactics that exploit vulnerabilities and weaknesses in their systems. The Verizon DBIR report shows us that an organisation’s primary weakness is in its people, which is why it’s important for individuals to be aware of cyber threats at all times, as they are a business’ first line of defence.  


According to the Office of the Australian Information Commissioner’s Notifiable Data Breaches Report, for the July-December 2020 period, 58 per cent of the 539 breaches reported were a result of malicious or criminal attack, while 38 per cent were due to human error. 


These findings alone, highlight the need for organisations to invest in cybersecurity training for their employees to instil best practices into the business. By doing so, organisations will strengthen their cyber resilience and help to reduce the amount of overall data breaches Australian businesses experience. 


One mistake can make an entire business vulnerable 

Cyberattacks are one of the most prominent threats facing individuals and businesses. A fault in a technical product or service that lacks ‘secure by design’ principles can forfeit an organisation’s system and be made vulnerable to cybercriminals to exploit their network. At which point, the fate of the business rests solely in the hands of a malicious threat actor. 


If this happens, the best solution for the business is to securely isolate these systems and monitor their systems and networks for threats through the use of active detection and response tools. 


Compromising a vulnerable system isn’t the only way threat actors find their way in. Social engineering remains the preeminent way for threat actors to get access to a computer, with 85% of breaches last year involving human interaction (Verizon DBIR 2021 report).


Social engineering is a psychological attack. In one of these attacks, the victim is tricked into doing something they should not do. This could include providing credentials and passwords, or it could be by clicking on a link in an email that then downloads malware onto the user’s computer. Once malicious malware is in place, the threat actor has the power to do just about anything they want whether it is looking for confidential data, extracting data from the victim, or encrypting data to hold for ransom. 


Businesses and individuals, alike, need cybersecurity training to decrease the number of breaches by spotting social engineering attempts. Furthermore, businesses need to be continually implement software updates to their systems, in a timely manner, to ensure their data is safeguarded. 


Training programs that increase employees’ understanding of cybersecurity and the threat landscape should not act as a business’ entire cybersecurity strategy, but instead form part of it. By having a workforce that knows what to look out for, the organisation is better-positioned to combat malicious attacks and places less dependence on one solution (e.g. technology infrastructure). As we march into the second half of 2021 and continue grappling with remote-working models, it’s imperative organisations educate their employees to increase cyber resilience and decrease the number of breaches we see.



Josh Lemon, certified instructor at SANS Institute and managing director, APAC, digital forensics & incident response at Ankura

Popular

Ben Kearney, CEO Australian Lotteries and Newsagents Association comments on wage rise

Ben Kearney, CEO of ALNA - Australian Lotteries and Newsagents Association, in relation to the FWC decision on the minimum wage yesterday said.This is a very difficult time for small businesses, as we work through the long recover...

New appointments: Lee Trego and Donelle Brooks

Earlypay (ASX: EPY), a market leader in providing tailored financial solutions to businesses across Australia, has announced two key executive appointments; Lee Trego and Donelle Brooks. Lee Trego Head of Growth Earlypay “In...

High demand, more volatility, and raised expectations will define the peak 2023 travel season

Allianz Partners’ annual Global Travel Summit explores the trends shaping a turbulent year for travel – and the new customer expectations defining the industry.   As the industry gears up for its busiest period of the year, ...

Virtual Office