Friday, 08 May 2020 16:33

Understanding the Cyber Risk Landscape

Results from the BDO and AusCERT Cyber Security Survey 2019 are in and with three years of data to draw upon, here are some of the key insights about the changing cyber security landscape.

Since 2018, the Australian and New Zealand industry has seen a positive shift in leadership engagement and cyber security awareness. While some of this may be attributed to changes in data protection regulations, it's encouraging to see enhanced cyber maturity, management getting more involved and more businesses adopting cyber security awareness training.

Fast forward to 2020, and in the current COVID-19 environment,‘working from home’ is no longer the exception but the rule. As such, there is an overlap between the work and personal lives of staff, which has a flow-through effect on the threat and risk profiles for organisations and data exchange. The willingness and capability for organisations to recognise and adjust to this modern way of operating is a key theme of the 2019 Cyber Security Survey report recently published by BDO and AusCERT.

As the way we work changes, the complexities in identifying and addressing information security risk can be difficult, not just for individuals and small to medium businesses, but for larger organisations as well. This report delves into the evolving threat landscape, the increased risk of employee insider threat, changes to security control investments, data breaches and how to defend your business in 2020 and beyond. 

According to the report’s findings, it is “imperative that organisations take a threat-based approach and work to truly understand the types of threats they face and the most effective ways to defend against them.” BDO and AusCERT identified a set of trends as a result of the survey, highlighting that respondents continued to underestimate the threat landscape. With threats and risks changing over time and cyber attacks continuing to change in complexity and sophistication, organisations are constantly under fire.  

The key trends from the report identified that:

  • “In 2019, data breaches via insider threats were more than twice as common as expected 
  • Respondents have consistently underestimated the prevalence of data breaches caused by insider threats
  • Phishing, malware and Business Email Compromise (BEC)/Payment Redirection Fraud attacks were the most common in 2019.”

In response to these trends, survey respondents highlighted that they were using governance processes to increase risk visibility, and adopting more holistic approaches to effectively identifying and managing cyber security risk. This led to respondents feeling 50% more confident in responding to incidents and facing 30% fewer incidents.

In the cyber security world it can sometimes feel as though we are constantly under attack, and that every day brings with it new challenges and threats. And while this is true, we are also seeing organisations increasingly come together to fight off these threats. As cyber security practitioners, risk decision-makers and business leaders, it is our responsibility to ensure we share our information and resources, to support each other in staying one step ahead of our adversaries. As such, we highly recommend you take the time to download the full report by BDO and AusCERT here. May it help you to continue the fight against cyber crime, and ensure the growth of your organisation.

About AusCERT

AusCERT is Australia’s pioneer cyber emergency response team. We provide members with proactive and reactive advice and solutions to current threats and vulnerabilities. We’ll help you prevent, detect, respond and mitigate cyber-based attacks.

AusCERT offers a range of services including Incident Management, Phishing Take-Down, Security Bulletins, MSINs, Sensitive Information Alerts, Malicious URL Feeds and more.

Social Media links:

LinkedIn: https://www.linkedin.com/company/auscert/

Twitter: https://twitter.com/AusCERT

Facebook: https://www.facebook.com/AusCERT

RSS: https://www.auscert.org.au/rss/bulletins/

Read 5246 times

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.

REGISTER HERE!

LAYER 1 ENCRYPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments