As Safer Internet Day approaches, Australian businesses are being urged to improve their defences against cyber threats. Reuben Koh, Director of Security Technology & Strategy APJ at Akamai, suggests that with the internet becoming an integral part of daily life, the increase in cyberthreats is inevitable. "The world has become more connected than ever before. With global mobile and broadband penetration at an all-time high across the world, cyber threats are accordingly on the rise," he points out.
Koh further explains the threat for Australian businesses who transact with sensitive financial information over the internet. "Both businesses and consumers are vulnerable, with dangers ranging from social engineering attacks to scams. For Aussie businesses, delivering digital services and products over the internet and having to transact with sensitive financial information, protecting websites and applications is paramount. Malicious bots are constantly targeting customer accounts, along with non-stop social engineering attacks and a rise in AI-driven scams."
According to the Australian Competition and Consumer Commission (ACCC) Targeting Scams Report, Australians lost a record $3.1 billion to scams in 2022. This staggering sum represents an 80% increase on total losses recorded in 2021, highlighting the urgent need for increased cybersecurity. There's also been a surge in reported losses to phishing scams, which leapt by 469% to $24.6 million last year.
Koh identifies three areas where businesses need to be wary of scams. These include unsolicited messages asking for personal information or money, seemingly innocent requests to download apps, which can lead to remote access to devices, and fraudulent brand communications. The latter warrants verification before taking any action. As many businesses are adopting a Zero Trust policy against cyber threats, Koh suggests that consumers also employ this tactic to better protect against scams. "We should never blindly trust anything or anyone in the digital world, always be guarded against random requests and lastly always check and verify the request as well as its requestor."
He further lists the steps that Australian businesses can take to enhance data protection. A rigorous Vulnerability Management Programme is key to ensuring their public-facing systems are unassailable. "Businesses need to implement a very rigorous Vulnerability Management Programme, to ensure that any internet-facing and public-facing systems, applications and APIs are free of vulnerabilities."
Secondly, it's crucial that businesses adopt comprehensive data protection strategies as they acquire customers' personal and financial information through transactions. "There is a legal and ethical duty to safeguard this from unintended or unauthorised data exposure, and to ensure that the privacy of customer data is kept intact," advises Koh. Lastly, businesses should work to inform not just their employees but also their customers of the latest threats and scam techniques, and how to identify and curtail them. A channel for users to verify authenticity and report scams would also be advantageous.
With a deeper understanding of the threats, implementing robust security measures, and fostering an environment of awareness and education, Koh believes businesses can create safer, more enriching online experiences. "By understanding the threats, implementing robust security measures and fostering an environment of awareness and education, we can help to ensure that our online experiences will be more enriching and safer."