Story image

Majority of Aussie organisations have been breached in the past year

09 May 2016

Results from a recent report by CompTIA have the industry reeling.

According to the study, 63 percent of Australian organisations have experienced at least one security breach or incident over the past year. What's more, mobile security incidents are becoming more prominent. It was found that 71 percent of Australian organisations reported a mobile-related security incident such as lost devices, data policy violation or simply staff disabling security features.

It is statistics like these that cause sleepless nights for IT staff. Once an organisation has been breached, the amount of damage that can be inflicted in a short measure of time is immeasurable.   ESET, a digital protection company, has observed this significant increase in security breaches in organisations and has commented on how to identify and prevent this security risk.

“The information stored by organisations can be very valuable and profitable for e-criminals," says Nick FitzGerald, senior research fellow at ESET. "We have seen an increase of these breaches as there is more and more data available such as customer names, addresses, social security numbers and so on."

Fitzgerald affirms one of the major problems plaguing modern organisations is that security breaches can come from anywhere - from failing to install a proper security system, to compromised credentials to simple human error.   “Security breaches often come from issues with passwords," Fitzgerald says. "Generally, the security afforded by passwords is overestimated, being further weakened by users sharing passwords across organisations, devices and even with colleagues. Organisations don’t always realise they put their data at significant risk by allowing this.”   How to avoid security breaches 

Fortunately, there are a number of ways in which your organisation can improve security and avoid costly breaches. Fitzgerald outlines a few below: 

  • "A good, cheap and easy option would be using two-factor authentication, based on one-time passwords, possibly generated in users’ mobile devices
  • Of course, having an appropriate security solution, email spam filter and a web application firewall is always a good thing
  • Make sure former employees can’t access any systems to avoid any future breaches
  • Store the minimum information required to avoid massive data breaches"

A data breach can cause significant downtime and even shut down an organisation for good. They can be very expensive to fix, so it is essential that not only essential security measures are put in place, but the defence is continually tested for weaknesses.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.