Have Australian businesses become the target of cybercriminals leading to the loss of consumers’ confidence in their cyber capabilities? Unfortunately, a string of high-profile incidences involving Australian businesses has lent credence to this line of thought. In the recent past, MyDeal.com, the eCommerce store, saw the leak of around 2.2 million customers’ data containing names, email Ids, addresses, phone numbers, etc., scrambling businesses to seek the help of cybersecurity support services.
According to Professor Sanjay Jha, Chief Scientist at the Institute of Cybersecurity, UNSW, Sydney, the breach has dented the confidence of consumers in using online services and is certainly a matter of concern for the Australian industry as a whole. He further added that compromised credentials should not open the floodgates for cybercriminals to the IT infrastructure of businesses, especially when multi-factor authentication is present.
The recent security breaches involving MyDeal.com, Optus, and others prove that Australian businesses have a lot of catching up to do as far as strengthening their cybersecurity architecture goes. Moreover, it appears that businesses are not investing much in implementing the latest research on cybersecurity or going for cybersecurity consulting. It is a common practice that customers’ data are often collected by various services or agencies where there is little say of consumers in the way the data is used. This leaves lax monitoring of data post-collection leading to breaches.
According to Dr. Arash Shaghaghi, Senior Lecturer in Cybersecurity from the UNSW Institute, businesses all across the world are adopting measures such as Self Sovereign Identity (SSI) giving users control over information and how that information will be used and in what form. So, Australian businesses can take a leaf out of that practice and invest in SSI to increase the resilience of their IT infrastructure. Given that cybersecurity is a cat-and-mouse game played between cyber criminals and businesses, the latter need to be on top of their game to stop the former.
How Can Australian Businesses Do Better in Cybersecurity
To be one up against cybercriminals is a continuous process where Australian businesses need to perform periodic cybersecurity audits to identify and fix glitches and vulnerabilities. Moreover, they need to ensure compliance with regulations such as PCI, ISO 27001, HIPAA, GDPR, SCADA, and others, depending on the sector they operate in. For enterprises that do not have proper cybersecurity infrastructure in place, hiring managed security services from accredited cybersecurity companies like Cybernetic Global Intelligence, can help. This way they can achieve the following:
Monitor network: Here, the critical information assets of a business are identified and the effectiveness of its network security is evaluated. Thereafter, effective countermeasures are implemented 24 x 7 to secure the IT infrastructure against potential threats.
Incident response: This involves the QSA service provider working with a business to offer actionable intelligence on measures to protect the network in the aftermath of an incident.
Vulnerability scanning: It is the presence of vulnerabilities that allows threat actors to target a network. So, it is important to identify and fix them before cybercriminals use them to breach the network and steal critical information. Australian businesses should insist on conducting frequent vulnerability scanning of their systems and networks, especially the public-facing IP addresses. The process tracks and identifies issues and marks them for remediation.
Monitoring phishing and malware: This process monitors and detects phishing attacks and the presence of malware in the system. The areas being monitored for phishing and malware include email accounts, weblogs, domain registrations, phish reports, and global forums, among others. The monitoring process leads to the shutting down of suspected phishing websites and email accounts, and the implementation of countermeasures to prevent threat actors from targeting a network or system.
In light of the recent spate of cybersecurity incidences involving Australian businesses, consumers’ confidence seems to have hit a new low in using online services. This calls for greater investment by Australian companies in adopting cybersecurity measures to detect and fix vulnerabilities in their systems or networks. For businesses operating in Australia, New Zealand, and the Asia Pacific region, hiring the services of Cybernetic Global Intelligence, one of the accredited cybersecurity companies, can go a long way in preventing incidences of cybercrime.