sb-au logo
Story image

Three key security hotspots to consider for your 2018 budget

19 Jun 2017

With the end of the financial year looming and the 2018 financial year around the corner, businesses are being asked to consider their cybersecurity policies and put better defences in place - or risk major financial effects in the event of a breach.

Palo Alto Networks says it's not just financial but reputational damage that could come from breaches.

“Most successful attacks can be traced back to ineffective company policies or human error. The impact from a successful breach can be felt across an entire company and may result in lost productivity, as well as a negative impact on the company’s reputation and a reduced ability to attract and retain customers," explains Ian Raper, Palo Alto Networks regional vice president, ANZ.

“When budgeting for the 2018 financial year, businesses should look to strengthen cybersecurity defenses in key areas. For example businesses can do this by reviewing their cybersecurity policies and procedures, upgrading IT infrastructure and employee training to put themselves ahead.”

He believes that when organisations start to budget for the 2018 financial year, businesses should start to look at their cybersecurity policies and procedures, upgrade IT infrastructure and employee training.

Palo Alto Networks provides three key areas to strengthen security.

1. Ransomware  Conservative estimates put the cost of ransomware to the Australian economy at $1 billion a year, and the number of ransomware attacks is likely to increase along with the cost to unlock devices.

Raper says people are the weakest link in cyber defence. Training should shift from compliance-driven approaches that aren't interesting or engaging to better methods.

“Training may take different forms, and organisations could consider gamification. Gamification will make training more exciting and engaging for employees, increasing awareness of cybersecurity practices, including how to respond to attacks correctly," he says.

Gamification also lets businesses recognise and reward employees when they follow policies and procedures, leading to continued positive behaviour and a more cyber secure working environment.” 2. Internet of Things Providing thousands of potential entry points, more and more endpoint devices are now connected to an organisation’s network as part of the Internet of Things (IoT).

For example, closed circuit television (CCTV), tiny sensors attached to machinery, and even smartwatches and fitness trackers can put the business at risk if not properly secured. Many businesses may not be aware of the security risks these devices pose due to their automatic nature.  

To protect the network, businesses must introduce appropriate policies and procedures. This includes educating employees regarding what devices they are able to plug into the network. Organisations should also use next-generation security technology to focus on the network and endpoints, and the data that flows within the network. 3. Weaponised data A company’s data can be weaponised and used against it. Cybercriminals do this by leaking confidential information or infiltrating and corrupting data. The consequences range from reputational damage to material costs.

Businesses must know where sensitive data resides and who can access it, as well as what data is critical in enabling the company to operate, so they can protect it effectively. Surprisingly, many businesses struggle to answer these questions, which can make it difficult to protect resources adequately.

“As we approach the end of the financial year, now is a good time for businesses to review and update their cybersecurity policies, making sure they understand the effect cyberattacks can have on their business. Businesses should take a proactive approach to their cybersecurity, ensuring policies and procedures are understood and adhered to by all employees," Raper concludes.

Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
Video: 10 Minute IT Jams - Who is CrowdStrike?
Today, Techday speaks to CrowdStrike ANZ channel director Luke Francis about the company's key products and offerings, its upcoming annual security conference, and the infrastructure it leverages in the A/NZ region.More
Story image
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
The importance of selecting a secure SD-WAN solution
It’s essential to adopt a secure SD-WAN solution to avoid the risks that an unsecured SD-WAN solution can introduce, writes Wavelink managing director Ilan Rubin.More