Security Market Segment LS
Friday, 25 February 2022 01:10

ACSC calls on Australian organisations to urgently adopt an enhanced cyber security posture Featured

By

The Australian Cyber Security Centre (ACSC) is encouraging organisations "to urgently adopt an enhanced cyber security position. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment."

The cyber cold war which various countries and organisations have been waging with each other over the past few decades has slowly grown ever warmer over the last twenty years as technology and connectivity has dramatically improved, and now that Russia's self-described peacekeeping "special operations" in Ukraine has begun, the cyber cold war is expected to warm up faster than ever, with cyber attacks already promised by Russia in response.

In addition, given there is opportunity created in chaos, cyber criminals are likely to be even more active than their already heightened activity during the last two years of COVID chaos, making the World Wild Web the wildest it has ever been, seemingly rife with zero-day vulnerabilities.

These zero-days are discovered by determined threat actors, which the entire tech community often seems to be playing catch up with. That said, security companies make legitimate breakthroughs and with software vendors themselves also presumably very motivated these days to write software as securely as possible, and then to continue upgrading that security while ever more proactively looking for vulnerabilities in their code.

Bug bug bounties are also paid by OS and software developers to security researchers, users or anyone that finds and reports new vulnerabilities, allowing them to be fixed before they can be actively exploited. 

Many of the recent iOS and iPadoS 14 and 15 dot point updates have been to patch zero-day vulnerabilties that were being actively exploited, necessitating the urgency of the update to arrive from Apple, and the urgency of you applying it to your devices, among a wide range of security meausres organisations need to take, as described below. 

Thus, the ACSC's warning earlier this week that organsiations enhance their cyber security posture, and with an alert status of "HIGH", it's beyond past time to take action. The ACSC offers the Essential Eight steps listed in more detail below, and clearly, they're the minimum organisatons need to do to secure their operations, their data and themselves.

The ACSC also links to similar information from the US, UK, NZ and Canada, to prepare for and better defend against threat actors in any country, whether small, large or nation state, because the cyber cold war has already been happening for years, and all the chaos in the world is digitally accelerating cyber attacks, too. 

So, below is a re-print of the rest of the ACSC cyber security bulletin, which you can also read at the ACSC website here, and which ends with a link to additional actions you can take, with a more technical explanation.  

Here's the ACSC info:

Background / What has happened?

There has been a historical pattern of cyber attacks against Ukraine that have had international consequences. Malicious cyber activity could impact Australian organisations through unintended disruption or uncontained malicious cyber activities.

While the ACSC is not aware of any current or specific threats to Australian organisations, adopting an enhanced cyber security posture and increased monitoring for threats will help to reduce the impacts to Australian organisations.

Mitigation / How do I stay secure?

The ACSC recommends that organisations urgently adopt an enhanced cyber security posture. This should include reviewing and enhancing detection, mitigation, and response measures.

Organisations should ensure that logging and detection systems in their environment are fully updated and functioning and apply additional monitoring of their networks where required.

Organisations should also assess their preparedness to respond to any cyber security incidents, and should review incident response and business continuity plans. The ACSC has published Cyber Incident Response Plan – Guidance & Template to assist organisations to produce an incident response plan.

The ACSC strongly recommends organisations implement the Essential Eight mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems. The Essential Eight mitigation strategies are:

Australian organisations may also wish to review the following publications from partner agencies:

US Cybersecurity and Infrastructure Security Agency (CISA): CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats 

UK National Cyber Security Centre: NCSC advises organisations to act following Russia’s further violation of Ukraine’s territorial integrity 

NZ National Cyber Security Centre: General Security Advisory: Understanding and preparing for cyber threats relating to tensions between Russia and Ukraine 

Canadian Centre for Cyber Security (CCCS): Cyber threat bulletin: Cyber Centre urges Canadian critical infrastructure operators to raise awareness and take mitigations against known Russian-backed cyber threat activity.

Assistance / Where can I go for help?

The ACSC is monitoring the situation and is able to provide assistance or advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371). 

Here is the link the ACSC provides to additional, more technically detailed information: 

2022-02: Australian organisations should urgently adopt an enhanced cyber security posture

 

Read 2373 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




GET READY FOR XCONF AUSTRALIA 2022

Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.


Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event

GET YOUR TICKET!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor is one of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments