Monday, 02 March 2020 11:42

Data breach report shows Australian businesses 'not learning from abroad'

The latest data breach report from the Office of the Australian Information Commissioner shows that Australian businesses have learnt nothing from the devastating impacts of breaches in other countries, a cyber security professional says.

Alex Woerndle, principal adviser, Cyber Security at Ecosystm, said the report was a concerning read as it continued to show Australian businesses were failing to grasp necessary data protection and data management techniques.

"It appears we have learnt nothing locally from scandals and breaches that have seen millions wiped off the value of businesses overseas," Woerndle said. "For a third of all breaches to be attributable to human error is unacceptable.

"All businesses can now understand the damage and disruption simple human error mistakes are causing or could cause if not addressed. In today's world, business requires partnership and co-operation, and leaders need to find the right allies and partners to defend innovation and overcome threats, be they competitive from rivals, internal malicious attacks, or from cyber criminals looking to extort financial gain.”

Woerndle pointed out that, at the same time, cyber attack prevention called for a multi-layered defence approach that completely isolated production "live" data from back-up copies.

"Software can now use back-up data to scan for exposures and vulnerabilities in recent data as a matter of course," he said. "This can be automated too, to eliminate the necessity for IT resources to be continually checking reports and platforms.

"Automated alerts can notify the IT team when server usage is abnormal or when permissions to access data are changed, which helps counter internal and external threats that may have system access too. This gives businesses a precious commodity when dealing with cyber criminals: time. You don't have to react to a full-scale breach; instead you can spot the early warning signs and rectify.”

Woerndle said the report indicated that Australian businesses needed to have better password discipline.

"Indeed, in recent years we’ve seen a whole industry built on creating word lists of common passwords that can be thrown at employee accounts in an attempt to crack them," he said. "In addition, organisations need to train their staff better on appropriate use of email as a communication medium - not just on how to detect a malicious email, but more broadly on appropriate use. Indeed, staff should be constantly educated about phishing attacks and to be cautious when downloading files or opening attachments from unfamiliar parties.

“Businesses in 2020 should also look at their overall IT environment. While no single defence can protect completely, today’s IT security toolbox should include firewalls and anti-virus software through to network intrusion and advanced persistent threat tools, incident response planning, cloud security solutions and comprehensive awareness training for all staff. By taking a comprehensive and multi-layered approach to security, organisations can reduce the likelihood that they will fall victim to malware attacks and data breaches, and avoid the disruptive and potentially costly problems these can cause.”
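Two of the controls Woerndle describes above, alerting when permissions on data are changed and recognising word lists of common passwords being "thrown at employee accounts", are both detection problems over ordinary logs. The following Python is an added illustration written for this page; it is not code from Ecosystm, Woerndle or the OAIC report. The log lines, field layout (`audit: uid=... op=... path=...`), thresholds and monitored path prefix are all constructed assumptions, chosen so the example runs offline. The spray detector looks for one source failing against many distinct accounts inside a short window, which is what separates a spray from a single-account brute force.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (not from the article or any real system): an
# sshd-style auth log containing a password spray from one address and a
# single-account brute force from another, plus audit-style records of
# permission changes on a shared data directory.
AUTH_LOG = """\
2020-03-02T09:00:01 sshd[1]: Failed password for alice from 203.0.113.7
2020-03-02T09:00:02 sshd[1]: Failed password for bob from 203.0.113.7
2020-03-02T09:00:03 sshd[1]: Failed password for carol from 203.0.113.7
2020-03-02T09:00:04 sshd[1]: Failed password for dave from 203.0.113.7
2020-03-02T09:00:05 sshd[1]: Failed password for erin from 203.0.113.7
2020-03-02T09:00:06 sshd[1]: Accepted password for frank from 203.0.113.7
2020-03-02T09:10:00 sshd[1]: Failed password for alice from 198.51.100.2
2020-03-02T09:10:30 sshd[1]: Failed password for alice from 198.51.100.2
2020-03-02T09:11:00 sshd[1]: Accepted password for alice from 198.51.100.2
"""

PERM_LOG = """\
2020-03-02T09:30:00 audit: uid=1001 op=chmod path=/srv/data/customers mode=0777
2020-03-02T09:31:00 audit: uid=0 op=chown path=/srv/data/customers owner=www-data
2020-03-02T09:32:00 audit: uid=1001 op=chmod path=/home/jsmith/notes.txt mode=0600
"""

AUTH_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>\S+)$"
)
PERM_RE = re.compile(
    r"^(?P<ts>\S+) audit: uid=(?P<uid>\d+) op=(?P<op>chmod|chown|setfacl) "
    r"path=(?P<path>\S+)(?P<rest>.*)$"
)

# Assumed thresholds: five distinct accounts from one source within five
# minutes is treated as a spray. Tune to the environment.
SPRAY_MIN_USERS = 5
SPRAY_WINDOW = timedelta(minutes=5)
# Assumed set of data paths whose permissions should never change silently.
MONITORED_PREFIXES = ("/srv/data/",)


def detect_password_spray(log_text, min_users=SPRAY_MIN_USERS, window=SPRAY_WINDOW):
    """Return {source_ip: sorted(usernames)} for every source that failed
    against at least `min_users` distinct accounts within `window`.
    Repeated failures against a single account are not reported: that is
    brute force, not a spray, and needs a different rule."""
    failures = defaultdict(list)  # src -> [(timestamp, user)]
    for line in log_text.splitlines():
        m = AUTH_RE.match(line)
        if not m or m["result"] != "Failed":
            continue
        failures[m["src"]].append((datetime.fromisoformat(m["ts"]), m["user"]))

    alerts = {}
    for src, events in failures.items():
        events.sort()
        lo = 0
        for hi in range(len(events)):
            # Slide the window start forward until it fits within `window`.
            while events[hi][0] - events[lo][0] > window:
                lo += 1
            users = {user for _, user in events[lo:hi + 1]}
            if len(users) >= min_users:
                alerts[src] = sorted(users)
                break
    return alerts


def detect_permission_changes(log_text, monitored=MONITORED_PREFIXES):
    """Return one alert per chmod/chown/setfacl that touches a monitored
    path. A mode granting write to 'other' is escalated to high severity,
    since that exposes the data to every local account at once."""
    alerts = []
    for line in log_text.splitlines():
        m = PERM_RE.match(line)
        if not m or not m["path"].startswith(monitored):
            continue
        severity = "medium"
        mode = re.search(r"mode=(\d+)", m["rest"])
        if mode and int(mode.group(1), 8) & 0o002:
            severity = "high"  # world-writable
        alerts.append({"ts": m["ts"], "uid": int(m["uid"]), "op": m["op"],
                       "path": m["path"], "severity": severity})
    return alerts


if __name__ == "__main__":
    for src, users in detect_password_spray(AUTH_LOG).items():
        print(f"SPRAY from {src}: {len(users)} accounts {users}")
    for alert in detect_permission_changes(PERM_LOG):
        print(f"PERMISSION CHANGE [{alert['severity']}] {alert['op']} on "
              f"{alert['path']} by uid {alert['uid']} at {alert['ts']}")
```

Run against the constructed input, the spray rule fires only for 203.0.113.7 (five accounts in five seconds) and stays quiet for 198.51.100.2, which hit one account twice and then succeeded; the permission rule reports the two changes under /srv/data/ and ignores the user's own home directory. In production the same functions would be fed from a log shipper rather than embedded strings, and the alerts routed to whoever can revert the change or lock the source.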

Simon Howe, vice-president Sales Asia Pacific, LogRhythm, said the report showed that businesses continued to be an attractive target for cyber criminals due to the large amounts of sensitive customer data collected and stored.

"Increasingly organisations of any size must be aware of the evolving types of threats and the vulnerabilities that exist across their networks in order to protect customers’ data," he said. "Security awareness programs are a great help in this regard, especially those that this report suggests focus specifically on phishing awareness.

“At the same time, security visibility and monitoring of systems, even those hosted outside of a network, are critically important. Organisations should also increasingly look at their security supply chain and include security controls and protections within contracts when partnering with third parties. This will not only limit a company’s liability if a breach were to occur, but it will also test the third party’s adherence to those controls and enable a company to monitor the controls themselves.

“As in previous years, when there is detection of a breach, rapid incident response can mean the difference between a damaging data breach and quick containment. As they look at their investment dollars in 2020, decision makers would be well advised to put in place advanced security tools that automate common investigation tasks and streamline remediation and response in order to halt a breach immediately and in real-time.”

Ping Identity Asia Pacific chief technology officer Mark Perry focused on the issue of compromised credentials.

“It’s clear from the report that organisations are not doing enough to close the major attack vector that leads to data breaches, namely compromised credentials," he said. "At the same time, for attackers right now, phishing is low-hanging fruit, enabled by simple and outdated authentication methods. Multi-factor authentication really needs to be considered as an essential component of a cyber security strategy, for both employees and customers, especially for email accounts.

"Going passwordless is another option, well supported by industry solutions. The FIDO2 standard has been designed to mitigate phishing attacks and should be considered as a replacement for a One-Time code delivered by email or SMS, which are inherently less secure. The report also appears to suggest that the healthcare sector, in particular, needs to embrace modern, secure authentication solutions to safeguard personal and sensitive data.”

Jim Cook, ANZ regional director at Attivo Networks, said credential theft had been identified as having major appeal to hackers and suggested that, against this backdrop, organisations could not afford to be complacent about their security posture or assume that traditional cyber-security measures would continue to be adequate.

"The threat posed by cyber-crime is rising and, as organisations continue to digitise, traditional perimeter-based cyber-security strategies will no longer be completely reliable or adequate," he said. “Businesses need to have real-time monitoring and clear visibility into their operations so they can rapidly detect and neutralise security threats.

"As a result, they may now need to focus on how they manage their security challenges head-on by making every network element part of a deception fabric to disrupt an attacker’s ability to break out and further infiltrate the network. Indeed, luring adversaries into the open with deception technology can prevent them from gaining access to critical IT data and assets and ultimately reduces the occurrence of disruptive and costly incidents which businesses of all sizes can ill afford to weather.”

WatchGuard Technologies ANZ regional director Mark Sinclair said it appeared that not a day went by without the public hearing of some new data breach, ransomware attack, company network compromise, or state-sponsored cyber-attack.

"Meanwhile, thanks to Facebook, consumers have also become intimately aware of how their own personal data privacy contributes to their own security," he said. “This Notifiable Data Breaches report data highlights the treasure trove of personal information held in email accounts and contact lists that attackers are exploiting more and more often.

"Protecting email credentials has never been more important and multi-factor authentication should now become a standard security control for businesses in 2020. Indeed, the Australian Cyber Security Centre lists MFA as a key counter-measure to protect against the exploitation of stolen credentials as part of its Essential Eight.

"MFA is a highly effective and easy to implement solution that will render a phished username/password useless. All Australian businesses should have MFA high on their cyber-security shopping list if they have not implemented it already. At the same time, businesses should remember that good security hygiene is often more about sustained behaviours than any one mistake or decision.”

Zscaler ANZ country manager Budd Ilic said despite huge sums of money being spent on security, the OAIC report painted an alarming picture of the increasing number of notifications.

"This implies businesses are not keeping up with the increasing sophistication of phishing and other cyber attacks," he said. "Every business leader should read the report and review their cyber-security governance posture in the light of these results.

"At the same time, they should focus effort on developing and integrating a risk management program across platforms and cloud and ensure that their investments are regularly reviewed and aligned to the current threat environment so that they don’t run afoul of compliance, laws and regulation.”

Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.
