Most businesses and government organisations are now aware that cybersecurity is not merely the responsibility of IT. They recognise that everyone is accountable for protecting systems, people and information from attack. They also know that many attacks occur from within rather than from external parties. So how can they make part of their business culture?
Education is key. An education program should complement and explain robust security policies that detail the assets a business or organisation needs to protect, the threats to those assets and the rules and controls for protecting them.
An effective program makes every worker acutely aware of cyber threats, including emails or text messages designed to trick them into providing personal or financial information; entice them to click links to websites or open attachments containing malware, or deceive them into paying fake invoices that purport to be from a senior executive.
It teaches them how to recognise common threats, the actions they need to take and people they need to inform when targeted and the steps to take if they do fall victim to a malicious individual or software. In addition, the program should teach workers how to recognise and respond to poor – or suspicious – cybersecurity behaviour by a colleague.
Cyber security education also needs to extend to a business or government organisation’s senior leadership team, who should also visibly support its objectives and model appropriate behaviours. It should also encourage workers and managers to pass on lessons learned to friends and family to help them avoid being compromised by malicious cyber activities.
Perhaps most importantly, it is not good enough to run a cybersecurity education program once and consider it a box ticked. A business or government organisation should run programs regularly and update them as needed to account for changes in policies and the threat landscape. It should also provide ongoing information and direct people to resources such as the Australian Cyber Security Centre for assistance.
Cybersecurity policies and education programs also need to complement the effective use of proven, regularly updated security products to protect systems, people and information from cyber threats.
For more information, contact us at: email@example.com
Keeping systems and information safe is an increasingly complex, high-stakes activity. Trusting individuals or systems by default may have catastrophic consequences if it leads to malicious parties gaining access to corporate networks or resources. These consequences may include service disruption and loss or theft of sensitive information – and may , in turn, lead to reputational damage as customers and partners lose trust in an affected organisation. In addition, regulators may impose financial penalties if a breach results from a failure of systems or processes.
Unsurprisingly, businesses and government organisations are turning away from security models that trust individuals or systems by default. As TechTarget notes, these models are ill-equipped to handle data distributed across multiple locations, applications and cloud services. A zero-trust approach requires strict identity and device verification not just to get past the network perimeter, but to access internal systems and resources. By segmenting network components and systems and imposing access requirements for each segment – as well as using risk management analytics to identify suspicious activity – businesses and government organisations can respond effectively to modern security challenges.
Zero-trust network access is continuing to gain traction in business and government – particularly as digital transformation projects take effect. According to a Gartner report, because digital transformation projects “require services APIs, data and processes to be accessible through multiple ecosystems anywhere, anytime, from any device over the internet, [they expand] the surface area for attackers to target.”
Gartner says zero-trust network access “provides adaptive, identity-aware, precision access” and “enables digital ecosystems to work without exposing services directly to the internet.”
The analyst firm predicts that, by 2022, 80% of new digital business applications opened up to ecosystem partners will be accessed through zero-trust network access, while by 2023, 60% of enterprises will phase out most of their remote access virtual private networks in favour of network access.
Is your business or government organisation adopting zero-trust network access? What challenges and opportunities is this approach presenting? Please let us know at firstname.lastname@example.org.
The challenges facing IT and information security workers at global organisations are growing in scale and complexity.
Some key – and interrelated – issues workers and managers in these areas need to address are:
For businesses, the internet, and digital business models present compelling opportunities to improve customer and employee experiences open up global supply chains, generate new revenue streams and operate more efficiently.
However, these rewards are tempered by increasingly sophisticated cyber-threats that can disrupt operations, compromise sensitive customer and business information, increase costs and cause lasting reputational harm.
So what are the most important security facts your technology and business leaders need to know?
● Security breaches are widespread and damaging. Nearly two thirds (65%) of businesses – of all sizes – have experienced interruptions due to security breaches, according to a recent Telstra report.
● Attacks from external parties remain the primary threat to businesses – but a significant number of breaches occur due to employee mistakes. Malicious or criminal attacks (60%) dominated the breaches notified to the Office of the Australian Information Commissioner in the first year of operation of the government’s Notifiable Data Breaches Scheme, while 35% of breaches occurred due to human error such as losing data storage devices.
● Attacks that use social engineering techniques to trick people into disclosing confidential information remain the most common threat to businesses and individuals. The Notifiable Data Breaches report revealed phishing – sending fake messages over email or other channels to induce people to provide sensitive data – and ‘spear phishing’ – a phishing attack targeting a specific organisation or individual – continued to be the most effective way of compromising businesses. The Telstra report listed phishing and web application attacks as the two most common types of attacks in the Asia-Pacific.
● Businesses are introducing new technologies to drive innovation and growth faster than they can be secured, while the total value at risk to cybercrime globally could be as high as USD$5.2 trillion over five years, according to Accenture.
So how can your business address these issues? The key is to adopt a multi-layered approach to security that encompasses people, processes and technologies. This approach can minimise the risk to systems and information and position you to take advantage of the compelling opportunities new technologies present. For more information contact email@example.com
Delivering security solutions to customers has progressively become more complex and inefficient for service providers. Because these solutions may comprise a range of point products from different vendors, they force the service provider – and customer – to manage multiple relationships and technologies.
Combining the scalability and flexibility of Software as a Service with the economies of scale of a multi-tenant environment can resolve these problems. A multi-tenant, SaaS security platform can strip out complexity and give service providers the ability to offer white-labelled solutions comprising world-class security technologies to customers.
At FirstWave, we provide a multi-tenant, SaaS platform that service providers can use to provide solutions that protect enterprises from cyberattacks across email, web and firewall vectors. Our Cloud Content Security Platform orchestrates and provisions cloud-based SaaS based on virtualised email and web security, as well as firewall products from leading vendors. These include Cisco, Palo Alto Networks and Fortinet; we aim to add more in future.
The platform – available on Amazon Web Services - can be accessed by service providers with no upfront costs and integration. It incorporates APIs and information feeds that service providers can take into their order management, customer management, ticketing and subscription billing systems. All FirstWave infrastructure, management and security processes are certified to ISO 27001 Information Security Management System Standard and ISO 9001 Quality Management System Standard.
The platform enables users to offer solutions to customers ranging from government agencies, financial institutions and multinationals down to two- or three-person startups from a single instance.
Service providers can provision and activate solutions for customers within minutes and offer them packages of security policies. They can also manage all customers from a single pane of glass, and the customers themselves can have a single pane of glass view of their services and security policies. Our platform is carrier-grade and offers five nines service performance and strong hierarchical and role-based access controls.
Our platform is also compliant with the requirements of the General Data Protection Regulation, which protects the data and privacy of individuals in Europe.
With a world-class, multi-tenant, SaaS platform, service providers are now well positioned to help customers meet current and forthcoming security challenges.
WhatsApp is one of the world’s most popular messaging apps, with about 1.5 billion monthly users. The app is marketed as secure with end-to-end encryption that prevents messages, photos, videos, voice messages, calls and documents from falling into the wrong hands. WhatsApp says neither it nor third parties can access these messages.
However, a recent security breach that affected WhatsApp on iOS or Android phones is a clear reminder that no service is 100% risk-free.
The breach may have allowed a malicious actor to install unauthorised software and gain access to personal data on devices running WhatsApp. The attack – attributed in media reports to a private company working with governments on surveillance – is believed to have targeted a group of human rights campaigners. WhatsApp quickly released an updated version of its app to address the vulnerability.
For businesses, the lesson is clear – security plans, platforms and processes need to account for and minimise the risks of using these types of services. We recommend organisations carefully consider the use of proprietary messaging apps to distribute sensitive corporate or customer information, and implement robust policies governing the use of these services for business-related activities.
These policies need to be backed by education programs that should extend beyond an organisation’s own workforce to partners, suppliers, and other stakeholders.
The incident is also a powerful reminder to IT security specialists of the importance of installing updates as quickly as possible to address vulnerabilities that may leave a corporate network open to attack.
The media reports of the WhatsApp attack present an uncomfortable reminder to businesses that cyber-attacks may be carried out by well-resourced, technically skilled organisations and experts acting on behalf of nation-states, as well as criminal groups and rogue individuals. For businesses involved in critical infrastructure or systems of national importance, this means implementing security platforms, architectures, and processes – and working with relevant government agencies – to reduce the risk and impact of a breach.
Escalating tensions between the United States and competing countries are reshaping the cyber-security landscape – with severe implications for Australian businesses and government organisations. The United States set down its case in a cyber strategy document released in late 2018 and has escalated its measures from there. According to the document, the United States had adopted a vision of ‘a shared and open cyberspace for the benefit of all,’ but its adversaries had conducted economic espionage and malicious cyber activities that had damaged individuals, commercial and non-commercial interests and governments across the world.
The document listed Russia, China, Iran, and North Korea as challenging the United States in cyberspace, ‘often with a recklessness they would never consider in other domains.’ Since then, the United States Government has issued executive orders to shore up a cybersecurity workforce short of 300,000 practitioners and more importantly, to declare a national emergency and bar United States companies from using foreign telecommunications equipment made by companies it considers a national security risk. The initiative is already causing consternation among local users of smartphones from one supplier – a leading United States-headquartered company is reportedly restricting the supplier’s access to its applications and operating system.
Businesses need to monitor and respond quickly to these measures and the evolving security landscape. Companies exposed to the United States will need to evaluate the risks of doing business with firms targeted by current and future executive orders. Given Australia’s close relationship with the United States, local organisations will also need to remain aware of the ongoing risk of cyberattack or espionage from individuals or groups acting on behalf of ‘cyberspace challenger’ countries.
Some of the steps businesses should take include ensuring cyber-security planning including incident response is up to date and people know their roles and responsibilities; checking that anti-malware products are installed and up-to-date; and that employees are aware of potential cyber-threats and the steps they need to take to minimise risk. If you would like to learn more, please contact firstname.lastname@example.org.
The cyber security spotlight has been directed firmly at ransomware in recent times. Yet a recent report in the United Kingdom highlights the fact phishing remains a real headache for businesses, government organisations and not-for-profits. The Cyber Security Breaches Survey 2019, conducted by the Department for Digital Culture, Media and Sport, found nearly one third of businesses (32%) and about one fifth of charities (22%) experienced cyber-security breaches in the previous 12 months. Of these, 80% of businesses and 81% of charities experienced phishing attacks – a considerably higher percentage than those that experienced viruses, spyware or other malware, including ransomware (27% of these businesses and 18% of these charities).
So what are the key differences between phishing attacks and ransomware attacks – and why are phishing attacks a deep concern for businesses? A phishing attack generally involves a malicious person using social engineering techniques to trick a person into supplying sensitive personal or business information, whereas a ransomware attack (that can be delivered through a phishing communication such as an email) aims to extract a ransom from a victim by locking their files and demanding payment for a key to regain access.
Phishing messages often direct victims to fake websites – that may include branding and information copied from legitimate websites to appear authentic to enter their details.
How do you limit the risk to your business – including your people – of being compromised by a phishing attack? The answer is a combination of education, awareness, technologies and processes. The Australian Government’s Stay Smart Online website includes a list of steps your people and your business can take to minimise the risk presented by phishing. These include advising your people to avoid clicking on links or opening attachments in unexpected or suspicious emails and contacting senders to verify concerning emails, using details sourced from a legitimate website or location. Your business should also install and update spam filters and other anti-malware products to help minimise risk.
Firstwave’s Cloud Email Security product provides advanced, feature-rich and configurable cloud email security services for businesses – powered by its cloud email content security and analytics platform technology. If you would like to learn more, please contact email@example.com.
Businesses beware: ransomware is back and the attacks are more complex and costly than ever. Ransomware campaigns targeting businesses rose in January-March 2019, compared to October-December 2018. Businesses also typically paid out more to the groups behind ransomware to retrieve their files, while infections caused more downtime, on average than during the previous quarter.
These trends – highlighted in research from a range of vendors – represent a continuation of worrying circumstances identified in a Telstra report released last year. The report found ransomware was on the rise and was increasingly targeted. Nearly one third – 31% – of Australian respondents whose businesses had been interrupted by a security breach in the past year were experiencing ransomware attacks on a weekly or monthly basis. This was the highest of all countries surveyed.
These findings highlight the importance of vigilance and preparedness in protecting networks and data. This means educating your workforce and working with partners, customers and participants in your supply chain to avoid clicking on suspect email links or attachments. Ransomware groups often incorporate text in these emails that aim to trick people into clicking quickly on these malicious links or attachments.
Other steps your business should take include ensuring anti-malware products are implemented and up to date and taking regular backups that are then stored in isolated locations. Your business should also document the steps to be taken and the responsibilities of individuals and teams in the event of a ransomware infection. These measures will help minimise loss and disruption.
At FirstWave, we provide email and web security solutions featuring advanced malware protection to help businesses avoid falling victim to ransomware and other attacks. For example, our Cloud Email Security product provides advanced, feature-rich and configurable cloud email security services for businesses – powered by our cloud email content security and analytics platform technology. If you would like to learn more, please contact firstname.lastname@example.org.
The global cybersecurity insurance market is growing quickly and is expected to reach more than $20 billion within the next few years. Businesses are increasingly seeking insurance coverage as the number of breaches affecting sensitive customer or corporate data or disrupting systems and operations, increases. Rising reliance on technology to connect with consumers, partners and other stakeholders, the takeup of cloud, mobile, Internet of Things and other models, and the growing sophistication of cyber attacks are all combining to increase cybersecurity risk.
In this environment, board members and senior management teams are shouldering greater responsibility – and in many cases liability – for cybersecurity. For directors and managers, this means dumping traditional perspectives that cybersecurity is the province of the technology team and taking a proactive, organisation-wide approach to minimising cyber risk.
Discharging this responsibility means implementing a comprehensive cybersecurity program that incorporates a range of measures to reduce risk. According to the Australian Government’s business.gov.au website, these measures may include updating all passwords to passphrases that swap letters for symbols and use different spelling; using password managers to securely store and generate passwords; using business-grade cybersecurity software; backing up systems and files to portable hard drives; and seeking help from IT professionals if systems are infected by malware such as ransomware.
The website also recommends businesses talk to insurance brokers or insurers about options for reducing cybercrime risk.
However, businesses should not only tighten their defenses against external attacks. Internal attacks and employee errors can also threaten the integrity of customer and corporate data, as well as key systems. Boards and senior management teams should also become aware of these risks and ensure comprehensive plans are in place to mitigate them. Some issues that may be covered by these plans include implementing role-based access to systems and data – meaning workers only access what they need to do their jobs – and educating workers about how to manage data securely. Adopting these plans can further help businesses reduce risk and consequently lower their cybersecurity insurance premiums. In addition, these plans can also minimise the likelihood of incurring the regulatory and reputational penalties of a cybersecurity breach