National critical infrastructure has been a key target of cyberattacks for decades, however the attack on a national broadcast network suggests the definition of NCI must be extended to include news and media outlets.
Regardless of the industry or the organisation, the lesson is the same;
- Australia’s geography is no longer enough to stave off global threats.
- Organisations can’t wonder if they will be hit with an attack, it’s now a matter of when.
- Cybersecurity must become an organisational priority.
Here are four ways Australian organisations can prepare themselves for an attack.
Bolster defences.
In cybersecurity, there is no such thing as an impenetrable system, so organisations employ a layered security to protect their mission critical assets. With this approach, limiting the number of vulnerabilities and reducing the size of the gaps by regularly patching and scheduling upgrades is key to strengthening organisation’s overall security system.
The reality of most organisations is that legacy systems hinder their ability to bring security up to the required standards. The larger and more established the organisation, the more effort required. This is evident in the latest report by the Australian National Audit Office (ANAO), which found 72% of government entities were not fully compliant to the Protective Security Policy Framework.
The costs, time and resources associated with upgrading legacy systems can act as a deterrent for many organisations. However, when 60% of businesses that suffer a cyber breach collapse within six months, the cost of ignoring these systems is too great.
The Australian Signals Directorate’s Essential 8 provided Australians with a series of baseline mitigation strategies designed to assist organisations in protecting their systems against a range of adversaries. Once implemented, organisations can test their maturity levels and make the appropriate changes.
Identify the threat
Identifying the type of attack and which systems were affected are crucial to calculating the extent of the damage, what assets were exposed and the implementing the appropriate response.
The Australian Cyber Security Centre (ACSC) lists common online security risks which include;
- Hacking: Exploiting a security weakness to gain unauthorised access to systems or information
- Phishing: Using emails to lure people into divulging information (such as credentials or passwords)
- Malware or ransomware: A type of malicious software used to harm systems or networks and can render them unusable unless a ransom is paid.
Implement an incident response plan
Depending on the extent and depth of the systems breached, an incident response plan can include;
- A business continuity plan including backup systems and recovery
- Stakeholder engagement, crisis communications, and if required, a notifiable data breach plan
- Assistance from the organisation’s ISP or CDN
- Government bodies such as the Australian Cyber Security Centre
Close the loop
Once the attack has been contained, organisations must analyse the details of the attack and audit the systems and response plans to close the loop to mitigate future attacks.
One element which can easily be overlooked is the human factor. According to the Office of the Australian Information Commissioner, 38% of data breaches can be attributed to human error.
People often form the first line of defence in any cybersecurity system, and by adhering to a consistent training schedule, cybersecurity awareness can become an organisational priority. Educating employees on the latest threats and equipping them with the necessary can help alleviate the fears of the 52% of organisations who see employees as their biggest IT risk.
The latest round of attacks highlight that both public and private sectors alike must remain vigilant to ensure they’re ready to identify and react to cyberattacks. With carefully considered measures, an emphasis on cyber awareness, and incident response plans, organisations can decrease their risk and increase their cyber resilience.
Find out how to protect your organisation from cyber attacks. Download our free report to learn how cyber criminals and identity thieves attack, how to break the attack chain, and how to move to Identity as a Service to prevent cyber crime. Click here to download now.