Cyber attacks now occur with greater frequency and intensity. The global cost of cybercrime is predicted to reach $8 trillion annually by 2021*, reminding businesses that they must continue to review security policies, tools and systems regularly to ensure they stay ahead of potential attackers.
Many of these cyber attacks go unreported or underreported. Even when they are reported and the cybercriminals are discovered, it can take years for legal proceedings to catch up with them. As an example, the perpetrators of the massive 2014 Yahoo data breach have only just been convicted.
In addition, the growth of Internet of Things (IoT)-connected devices and the increase of wearable technology in the workplace provides more network end-points through which organisations can be targeted.
Organisations need to have the right security measures in place, including staff education, to reduce the likelihood of attack. Too many organisations rely on security measures that kick in after an attack has breached their environment. Instead, it’s better to focus security efforts on finding ways to prevent attacks from happening at all.
To develop appropriate security resistance Brennan IT suggests implementing the following measures:
1. Effective perimeter protection
Effective threat mitigation requires strong network protection of IT infrastructure and data stores. Strong perimeter protection should be implemented in layers to protect all access points of an organisation, regardless of location. Many IT providers can deliver a complete network security solution as-a-service, which means businesses can save on costs and don’t have to recruit their own security specialists.
2. Geo-blocking and exception listing
With most attacks now originating outside of Australia, it is important to consider using geo-blocking at the business’s Internet perimeter firewall. Increasingly, organisations with ecommerce facilities are hosting their websites and the databases serving those websites with a service provider that uses strong network level protection. However, in a global market businesses need to assess the compromise of geo-blocking based on its potential to limit legitimate traffic, for example sales leads from outside Australia.
3. Checking cyber defences by running regular advanced vulnerability scans
It’s important to conduct regular health checks regarding where and how data is stored, and which applications are in use on the network or are taking up valuable network availability. Businesses should keep track of all users and what parts of the network each person has access to, and understand the potential threats that may exist. Protecting and maintaining systems and devices, and inventorying the environment can help to identify potential issues before they are exploited by cybercriminals or internal malfeasance.
4. Staff identity management
Many businesses use externally hosted applications such as Payroll, HR information systems and travel management. This presents the challenge of managing access and role based permission during staff turnover and recruitment. IT service providers can deploy single identity technology to reinstate control.
5. Training staff and increasing awareness
Many security incidences occur as a result of human error, i.e. employees opening phishing or whaling emails. With 30 per cent of phishing messages being opened by the targeted person**, anti-spam and anti-virus solutions are no longer adequate to protect businesses from these styles of attacks. While employee education is key, it’s also important for organisations to use advanced protection layers to automatically filter spam and provide email security.
The increasing prevalence of cyber attacks should act as a reminder for Australian organisations to review their security structure to identify areas for improvement. Looking holistically at how the business stores and backs up data, protects and filters emails, manages its cloud or on-premise IT infrastructure, and keeps staff educated in matters of cybersecurity, will highlight ways to modernise and increase the efficiency of the organisation’s security architecture.
* http://www.minterellison.com/files/Uploads/Documents/Publications/Reports%20Guides/CyberPerspectives-Infographic-Final-A3.pdf
** http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/
Lyncoln De Mello, Director – Cloud Services, Brennan IT
