Story image

Majority of Aussie organisations have been breached in the past year

09 May 16

Results from a recent report by CompTIA have the industry reeling.

According to the study, 63 percent of Australian organisations have experienced at least one security breach or incident over the past year. What's more, mobile security incidents are becoming more prominent. It was found that 71 percent of Australian organisations reported a mobile-related security incident such as lost devices, data policy violation or simply staff disabling security features.

It is statistics like these that cause sleepless nights for IT staff. Once an organisation has been breached, the amount of damage that can be inflicted in a short measure of time is immeasurable.
 
ESET, a digital protection company, has observed this significant increase in security breaches in organisations and has commented on how to identify and prevent this security risk.

“The information stored by organisations can be very valuable and profitable for e-criminals," says Nick FitzGerald, senior research fellow at ESET. "We have seen an increase of these breaches as there is more and more data available such as customer names, addresses, social security numbers and so on."

Fitzgerald affirms one of the major problems plaguing modern organisations is that security breaches can come from anywhere - from failing to install a proper security system, to compromised credentials to simple human error.
 
“Security breaches often come from issues with passwords," Fitzgerald says. "Generally, the security afforded by passwords is overestimated, being further weakened by users sharing passwords across organisations, devices and even with colleagues. Organisations don’t always realise they put their data at significant risk by allowing this.”
 
How to avoid security breaches 

Fortunately, there are a number of ways in which your organisation can improve security and avoid costly breaches. Fitzgerald outlines a few below: 

  • "A good, cheap and easy option would be using two-factor authentication, based on one-time passwords, possibly generated in users’ mobile devices
  • Of course, having an appropriate security solution, email spam filter and a web application firewall is always a good thing
  • Make sure former employees can’t access any systems to avoid any future breaches
  • Store the minimum information required to avoid massive data breaches"

A data breach can cause significant downtime and even shut down an organisation for good. They can be very expensive to fix, so it is essential that not only essential security measures are put in place, but the defence is continually tested for weaknesses.

Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.