Enhanced cybersecurity measures urged by Software@Scale
Software@Scale has urged medium and large businesses to enhance their cybersecurity measures significantly. The company advises that organisations adopt a multi-layered approach, including regular risk assessments, robust access controls such as multi-factor authentication (MFA), data encryption, and continuous employee cybersecurity training and awareness programmes.
Recommendations for network security involve the implementation of firewalls, intrusion detection/prevention systems (IDS/IPS), and network segmentation. For endpoint security, antivirus/anti-malware solutions, endpoint detection and response (EDR) or extended detection and response (XDR) systems, and application whitelisting are suggested as essential tools.
Emphasising the importance of comprehensive cybersecurity strategies, Software@Scale also advocates for conducting penetration testing, developing incident response plans, and establishing security monitoring to enhance resiliency and improve the overall maturity of an organisation's cybersecurity infrastructure.
Company CEO Louis Droguett commented on recent developments, stating, "The recent exposure of the APT40 group highlights the growing threat of state-sponsored cyber attacks and the importance of public awareness." Droguett believes that such incidents underscore the necessity for businesses to take proactive measures in securing their operations.
To bolster cybersecurity, Droguett urged companies to adopt a cybersecurity awareness programme, embrace a zero-trust security model, implement strong access controls, follow stringent patch management practices, enable security information and event management (SIEM) services, and conduct regular penetration testing activities.
Referencing recent alerts, Droguett added, "The Apple warning about spyware attacks underscores the need for vigilance against sophisticated threats." He emphasised that this serves as a critical reminder for businesses to be proactive in their approach to safeguarding sensitive data and operations.
To protect against ransomware attacks specifically, Software@Scale advises the implementation of endpoint detection and response services, regular software updates and patches, strong access controls, robust email and web filtering services, mature security awareness programmes, and continuous cyber monitoring services.
Droguett pointed to a report by the Australian Cyber Security Centre (ACSC), noting, "The ACSC report emphasises the sophistication of blended attacks and the need for traditional cybersecurity measures combined with strategies to address state-level threats." This statement highlights the evolving nature of cyber threats and the necessity for businesses to adopt conventional and advanced defensive techniques.
Software@Scale's recommendations reflect a comprehensive approach to enhancing cybersecurity for medium and large businesses. By advocating for multi-layered security strategies, including regular risk assessments, robust access controls, and continuous employee training, the company underscores the importance of proactive measures in safeguarding against evolving cyber threats. The emphasis on advanced tools and practices, such as penetration testing and zero-trust models, aligns with the need to address traditional and sophisticated attacks.