NDB stats highlight need for security rethink: experts
The findings of the fourth Notifiable Data Breach Quarterly Statistics Report show that Australian organisations have much work to do to improve their security posture, according to experts.
Paul Trulove, Chief Product Officer at identity management software provider SailPoint, said the findings show that Australian businesses are still struggling to understand the risks involved in compromised user credentials.
“[This is] demonstrated by 43% of cyber incidents involving phishing, 8% resulting from brute-force attacks and 24% from compromised or stolen credentials,” he said.
“The report reiterates that an organisation’s users have become the easiest route into an organisation for hackers. This is a trend we do not expect will ease up, as hackers now know that users offer them the keys to the proverbial kingdom, once compromised.”
Trulove added that he was not surprised to learn that health service providers for the fourth consecutive report had the highest number of notifications of any sector. “Health service providers are a goldmine of valuable personally identifiable information for cybercriminals, especially as more health information is digitised.”
Ping Identity CTO Mark Perry added that the results demonstrate the delicate balancing act between security and customer convenience or employee productivity that enterprises are under pressure to walk.
“The good news is that there is really no excuse these days as modern authentication solutions provide the means to secure the most common enterprise attack vectors without getting in the way of the employees, partners and customers who need access.”
Meanwhile, Phil Kernick, co-founder and CTO of consulting company CQR Consulting, noted that it is likely that at least one Australian company will be facing an expensive enforceable judgement as a result of breaches of personal data.
“If this should happen, there will be a scramble among businesses to adopt a heightened data security, risk and compliance culture who until now may have taken a rather laissez-faire approach to their cybersecurity footing.”
WatchGuard Technologies ANZ Country Manager Mark Sinclair said how organisations approach improving their security footing is important.
“No organisation has perfect security but successful companies staying out of these quarterly OAIC NDB reports will have business continuity plans and will have put in place a well-balanced cybersecurity strategy that spreads funds across threat prevention, detection and response, user education, business continuity and disaster recovery.”
Aura Information Security Australia Country Manager Michael Warnock had similar advice.
“Both business and IT teams should accept the threat is present, implement ongoing training to teach employees to recognise potential threats, adopt responsible data protection behaviour and allocate sufficient funds to cover protection measures commensurate with their organisation’s risk profile,” he said.
LogRhythm Senior Regional Marketing Director for Asia Pacific and Japan Joanne Wong said a fundamentally new approach is needed to reflect the changing threat landscape.
“Companies in 2019 must take a more holistic approach to cybersecurity and practise good IT and security hygiene such as patching systems and applications; updating and modernising their systems, applications and infrastructure; and controlling access to only those that need access,” she said.
“They also need to be able to validate identities, and encrypt or apply other safeguards to critical business systems and data.”
Zscaler ANZ Country Manager Budd Ilic suggested that companies aiming to transform their approach to protecting critical data assets look to the cloud.
“It's becoming increasingly clear that traditional security solutions are no longer up to the task when it comes to protecting organisations. Our environments and architectures are now so complex it’s difficult, if not impossible, for practitioners to effectively monitor their environments and is a contributing cause to incidents like this,” he said.
“The growing usage of mobile devices and cloud-based applications and services means users are not protected, and internet gateways are unable to handle advanced threats. Cloud-based security platforms which remove complexity from within the organisation and ensure comprehensive protection are an option for organisations who need to build a perimeter around all users regardless of their location and endpoint device. All traffic is directed through the cloud where it is scanned and analysed before going to the internet.”
SolarWinds believes it has uncovered the highly sophisticated methods used to inject malicious...
Microsoft says the state attackers behind the SolarWinds Orion compromise viewed some of its...
US law enforcement and intelligence agencies are investigating an attack on government and...