Security Market Segment LS
Monday, 02 March 2020 11:42

Data breach report shows Australian businesses 'not learning from abroad'

By
Data breach report shows Australian businesses 'not learning from abroad' Pixabay

The latest data breach report from the Office of the Australian Information Commissioner shows that Australian businesses have learnt nothing from the devastating impacts of breaches in other countries, a cyber security professional says.

Alex Woerndle, principal adviser, Cyber Security at Ecosystm, said the report was a concerning read as it continued to show Australian businesses were failing to grasp necessary data protection and data management techniques.

"It appears we have learnt nothing locally from scandals and breaches that have seen millions wiped off the value of businesses overseas," Woerndle said. "For a third of all breaches to be attributable to human error is unacceptable.

"All businesses can now understand the damage and disruption simple human error mistakes are causing or could cause if not addressed. In today's world, business requires partnership and co-operation, and leaders need to find the right allies and partners to defend innovation and overcome threats, be they competitive from rivals, internal malicious attacks, or from cyber criminals looking to extort financial gain.”

Woerndle pointed out that, at the same time, cyber attack prevention called for a multi-layered defence approach that completely isolated production "live" data from back-up copies.

"Software can now use back-up data to scan for exposures and vulnerabilities in recent data as a matter of course," he said. "This can be automated too, to eliminate the necessity for IT resources to be continually checking reports and platforms.

"Automated alerts can notify the IT team when server usage is abnormal or when permissions to access data are changed, which helps counter internal and external threats that may have system access too. This gives businesses a precious commodity when dealing with cyber criminals: time. You don't have to react to a full-scale breach; instead you can spot the early warning signs and rectify.”

Woerndle said the report indicated that Australian businesses needed to have better password discipline.

"Indeed, in recent years we’ve seen a whole industry built on creating word lists of common passwords that can be thrown at employee accounts in an attempt to crack them," he said. "In addition, organisations need to train their staff better on appropriate use of email as a communication medium - not just on how to detect a malicious email, but more broadly on appropriate use. Indeed, staff should be constantly educated about phishing attacks and to be cautious when downloading files or opening attachments from unfamiliar parties.

“Businesses in 2020 should also look at their overall IT environment. While no single defence can protect completely, today’s IT security toolbox should include firewalls and anti-virus software through to network intrusion and advanced persistent threat tools, incident response planning, cloud security solutions and comprehensive awareness training for all staff. By taking a comprehensive and multi-layered approach to security, organisations can reduce the likelihood they will fall victim to malware attacks, data breaches, and avoid the disruptive and potentially costly problems they can cause.”

Simon Howe, vice-president Sales Asia Pacific, LogRhythm, said the report showed that businesses continued to be an attractive target for cyber criminals due to the large amounts of sensitive customer data collected and stored.

"Increasingly organisations of any size must be aware of the evolving types of threats and the vulnerabilities that exist across their networks in order to protect customers’ data," he said. "Security awareness programs are a great help in this regard, especially those that this report suggests focus specifically on phishing awareness.

“At the same time, security visibility and monitoring of systems, even those hosted outside of a network, are critically important. Organisations should also increasingly look at their security supply chain and include security controls and protections within contracts when partnering with third parties. This will not only limit a company’s liability if a breach were to occur, but it will also test the third party’s adherence to those controls and enable a company to monitor the controls themselves.

“As in previous years, when there is detection of a breach, rapid incident response can mean the difference between a damaging data breach and quick containment. As they look at their investment dollars in 2020, decisions makers would be well advised to put in place advanced security tools that automate common investigation tasks and streamline remediation and response in order to halt a breach immediately and in real-time.”

Ping Identity Asia Pacific chief technology officer Mark Perry focused on the issue of compromised credentials.

“It’s clear from the report that organisations are not doing enough to close the major attack vector that leads to data breaches, namely compromised credentials," he said. "At the same time, for attackers right now, phishing is low-hanging fruit, enabled by simple and outdated authentication methods. Multi-factor authentication really needs to be considered as an essential component of a cyber security strategy, for both employees and customers, especially for email accounts.

"Going passwordless is another option, well supported by industry solutions. The FIDO2 standard has been designed to mitigate phishing attacks and should be considered as a replacement for a One-Time code delivered by email or SMS, which are inherently less secure. The report also appears to suggest that the healthcare sector, in particular, needs to embrace modern, secure authentication solutions to safeguard personal and sensitive data.”

Jim Cook, ANZ regional director at Attivo Networks, said credential theft had been identified as having major appeal to hackers and suggested that against this backdrop, organisations could not afford to be complacent about their security posture or assume traditional cyber-security measures would continue to answer.

"The threat posed by cyber-crime is rising and, as organisations continue to digitise, traditional perimeter-based cyber-security strategies will no longer be completely reliable or adequate," he said. “Businesses need to have real-time monitoring and clear visibility into their operations so they can rapidly detect and neutralise security threats.

"As a result, they may now need to focus on how they manage their security challenges head-on by making every network element part of a deception fabric to disrupt an attacker’s ability to break out and further infiltrate the network. Indeed, luring adversaries into the open with deception technology can prevent them from gaining access to critical IT data and assets and ultimately reduces the occurrence of disruptive and costly incidents which businesses of all sizes can ill afford to weather.”

WatchGuard Technologies ANZ regional director Mark Sinclair said it appeared that not a day went by without the public not hearing of some new data breach, ransomware attack, company network compromise, or state-sponsored cyber-attack.

"Meanwhile, thanks to Facebook, consumers have also become intimately aware of how their own personal data privacy contributes to their own security," he said. “This Notifiable Data Breaches report data highlights the treasure trove of personal information held in email accounts and contact lists that attackers are exploiting more and more often.

"Protecting email credentials has never been more important and multi-factor authentication should now become a standard security control for businesses in 2020. Indeed, the Australian Cyber Security Centre lists MFA as a key counter-measure to protect again the exploitation of stolen credentials as part of its Essential Eight.

"MFA is a highly effective and easy to implement solution that will render a phished username/password useless. All Australian businesses should have MFA high on their cyber-security shopping list if they have not implemented it already. At the same time, businesses should remember that good security hygiene is often more about sustained behaviours than any one mistake or decision.“

Zscaler ANZ country manager Budd Ilic said despite huge sums of money being spent on security, the OAIC report painted an alarming picture of the increasing number of notifications.

"This implies businesses are not keeping up with the increasing sophistication of phishing and other cyber attacks," he said. "Every business leader should read the report and review their cyber-security governance posture in the light of these results.

"At the same time, they should focus effort on developing and integrating a risk management program across platforms and cloud and ensure that their investments are regularly reviewed and aligned to the current threat environment so that they don’t run afoul of compliance, laws and regulation.”


Subscribe to ITWIRE UPDATE Newsletter here

Active Vs. Passive DWDM Solutions

An active approach to your growing optical transport network & connectivity needs.

Building dark fibre network infrastructure using WDM technology used to be considered a complex challenge that only carriers have the means to implement.

This has led many enterprises to build passive networks, which are inferior in quality and ultimately limit their future growth.

Why are passive solutions considered inferior? And what makes active solutions great?

Read more about these two solutions, and how PacketLight fits into all this.

CLICK HERE!

WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge

Don't miss the only 5G and edge performance-focused event in the industry!

Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.

With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.

REGISTER HERE!

BACK TO HOME PAGE
Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News