Featured|Systems & Software

Stay smart online

cyber-attacks
Ian Raper
October 9, 20173 mins read

Since the technology to combat cybercriminals has become more advanced and sophisticated, people have become the potential weak link in the fight against cyber crime. Keeping businesses and individuals safe depends on people understanding the risks and protecting themselves.

It takes just one unwary employee to divulge their password or plug in an unauthorised device, and they could fall victim to a cyber crime attack. This could also compromise the entire network of the business they work for, or put their own personal home network at risk. Consequently, it’s crucial for people and businesses alike to stay smart online.

Palo Alto Networks is supporting the government’s Stay Smart Online Week 2017, which runs from 9 to 13 October. The theme is “simple steps to online safety”, with a focus on five key areas: privacy of your personal information; strong passwords; software updates; backing up important information; and avoiding online scams.

Cyber crime is on the rise; it’s estimated to cost Australians more than $1 billion per year, with around 43 per cent of cyberattacks targeting small businesses*.

Employees don’t usually want to harm the business they work for but it’s human nature to make mistakes, or to misunderstand the level of risk. Businesses need to educate employees and ensure they’re taking simple steps to stay smart online.”

There are three key factors that can introduce risk, and we have some ways to combat those factors:

  1. Employees working from home or remotely

In many cases an employee’s home network is nowhere near as secure as the corporate network, creating a vulnerability that hackers can exploit. This can be particularly lucrative if the employee accesses sensitive or commercially-valuable information from home. So, businesses must:

  • protect remote devices by implementing security software and installing the latest versions of applications and security patches immediately – mobile devices should be remotely wipeable in case they fall into the wrong hands
  • require employees to use strong passwords and two-factor authentication
  • prohibit employees from storing information on their personal desktop
  • use a virtual private network (VPN) to protect traffic and prevent tampering with data.
  1. Credential theft and phishing

Hackers still steal people’s passwords and credentials because it remains one of the fastest and most effective ways to gain access to networks. There are three key components to blocking phishing attacks:

  • educating employees so they understand what a phishing attack looks like and what to do if they suspect they are being targeted
  • creating processes that reduce the chances of employee errors resulting in credential-based attacks including measures such as flagging phishing attempts, resetting passwords, automatically blocking suspect sites and emails, and understanding how sensitive resources can be protected
  • implementing technology such as threat intelligence tools to identify and prevent employees from visiting phishing sites.
  1. Human error

People will always be the weakest link in the cybersecurity chain but it is possible to reduce the amount of error. This includes:

  • incorporating security awareness into the organisational culture through relevant, frequent training (perhaps using gamification to increase engagement)
  • moving beyond a compliance-driven approach and showing employees how to protect their personal data, which can then extend to protecting the organisation
  • limiting the number of employees with administrative access, which shrinks the risk footprint.

Too many businesses still focus on threat detection and mitigation when they should be focusing on prevention. By strengthening their employees’ awareness of and commitment to cybersecurity, businesses can dramatically reduce the chances of a breach occurring at all.

The Stay Smart Online Alert Service is a free service that explains recent online threats and how to manage them. Businesses and individuals can sign up to the service at www.staysmartonline.gov.au or follow Stay Smart Online on Facebook.

* https://www.roi.com.au/blog/australian-internet-social-media-statistics-2017/

Ian Raper, Regional Vice President – ANZ, Palo Alto Networks

Recommended by IR
Virtual worlds, real learning
Innovation
Virtual worlds, real learning
Show them how you’re special
Branding
Show them how you’re special
An upgrade in kindness
Sustainability
An upgrade in kindness
Payment apps that pay off
Digital
Payment apps that pay off
The impact of company culture on productivity
Productivity
The impact of company culture on productivity
Author's latest articles
Secure your business with a proactive approach to cybersecurity
Risk
Secure your business with a proactive approach to cybersecurity
The one New Year resolution SMEs need to keep
Risk
The one New Year resolution SMEs need to keep
Why the pandemic has driven Aussie SMEs into new IT territories
Digital
Why the pandemic has driven Aussie SMEs into new IT territories
How to keep data secure in the age of working remotely
Strategy
How to keep data secure in the age of working remotely
Why you must consider your cyber security defences before EOFY
Systems & Software
Why you must consider your cyber security defences before EOFY
×
Essential insights delivered straight to your inbox. Sign up now - it's FREE
By submitting your details you confirm you have read our T&Cs and privacy policy.