sb-au logo
Story image

Brennan IT's five tips to better your cybersecurity strategy

10 Apr 2017

What are the five things that can help protect your organisation from cyber attacks? Brennan IT says that even when attacks are reported, it can take years for legal proceedings to catch up with them.

It’s better to be prepared and Brennan IT says that the $6 trillion global cost of cybercrime shows that businesses must continue to review security policies, tools and systems to stay ahead of the attacks. 

“Cyberattacks now occur with greater frequency and intensity. Many of these go unreported or underreported. Even when they are reported and the cybercriminals are discovered, it can take years for legal proceedings to catch up with them,” comments Lyncoln de Mello, Brennan IT’s director of Cloud Services.

Case in point: The perpetrators of Yahoo’s 2014 data breach have only just been convicted.

IoT security is also under the spotlight at the moment; particularly as wearable technology in the workplace increases. The number of network endpoints rises, creating more avenues for attack, de Mello says.

“Organisations need to have the right security measures in place, including staff education, to reduce the likelihood of attack. Too many organisations rely on security measures that kick in after an attack has breached their environment. Instead, it’s better to focus security efforts on finding ways to prevent attacks from happening at all,” de Mello says.

So it’s all very well to understand the risks, but how do you put security measures in place? Brennan IT suggests five tips to making your security measures more effective.

1. Effective perimeter protection Effective threat mitigation requires strong network protection of IT infrastructure and data stores. Strong perimeter protection should be implemented in layers to protect all access points of an organisation, regardless of location. Many IT providers can deliver a complete network security solution as-a-service which means businesses can save on costs and don’t have to recruit their own security specialists.

2. Geo-blocking and exception listing With most attacks now originating outside of Australia it is important to consider using geo-blocking at the business’s Internet perimeter firewall. Increasingly, organisations with ecommerce facilities are hosting their websites and the databases serving those websites with a service provider that uses strong network level protection. However, in a global market businesses need to assess the compromise of geo-blocking based on its potential to limit legitimate traffic, for example sales leads from outside Australia.

3. Checking cyber defences by running regular advanced vulnerability scans It’s important to conduct regular health checks regarding where and how data is stored, and which applications are in use on the network or are taking up valuable network availability. Businesses should keep track of all users and what parts of the network each person has access to, and understand the potential threats that may exist. Protecting and maintaining systems and devices, and inventorying the environment can help to identify potential issues before they are exploited by cybercriminals or internal malfeasance.

4. Staff identity management Many businesses use externally hosted applications such as Payroll, HR information systems and travel management. This presents the challenge of managing access and role based permission during staff turnover and recruitment. IT service providers can deploy single identity technology to reinstate control.

5. Training staff and increasing awareness Many security incidences occur as a result of human error, i.e. employees opening phishing or whaling emails. With 30 per cent of phishing messages being opened by the targeted person(2), anti-spam and anti-virus solutions are no longer adequate to protect businesses from these styles of attacks. While employee education is key, it’s also important for organisations to use advanced protection layers to automatically filter spam and provide email security.  

“The increasing prevalence of cyber-attacks should act as a reminder for Australian organisations to review their security structure to identify areas for improvement. Looking holistically at how the business stores and backs up data, protects and filters emails, manages its cloud or on-premise IT infrastructure, and keeps staff educated in matters of cybersecurity, will highlight ways to modernise and increase the efficiency of the organisation’s security architecture,” de Mello concludes.

Story image
Exabeam and Code42 partner up to launch insider threat solution
The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.More
Story image
Video: 10 Minute IT Jam – Who is Cohesity?
If you could pick two words to describe Cohesity, ‘data management’ fit very well.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
Spending on managed security services in A/NZ to grow despite COVID headwinds
COVID-19 has changed security priorities significantly, and managed security services in A/NZ are set to benefit. More