Story image

Three key security hotspots to consider for your 2018 budget

19 Jun 2017

With the end of the financial year looming and the 2018 financial year around the corner, businesses are being asked to consider their cybersecurity policies and put better defences in place - or risk major financial effects in the event of a breach.

Palo Alto Networks says it's not just financial but reputational damage that could come from breaches.

“Most successful attacks can be traced back to ineffective company policies or human error. The impact from a successful breach can be felt across an entire company and may result in lost productivity, as well as a negative impact on the company’s reputation and a reduced ability to attract and retain customers," explains Ian Raper, Palo Alto Networks regional vice president, ANZ.

“When budgeting for the 2018 financial year, businesses should look to strengthen cybersecurity defenses in key areas. For example businesses can do this by reviewing their cybersecurity policies and procedures, upgrading IT infrastructure and employee training to put themselves ahead.”

He believes that when organisations start to budget for the 2018 financial year, businesses should start to look at their cybersecurity policies and procedures, upgrade IT infrastructure and employee training.

Palo Alto Networks provides three key areas to strengthen security.

1. Ransomware  Conservative estimates put the cost of ransomware to the Australian economy at $1 billion a year, and the number of ransomware attacks is likely to increase along with the cost to unlock devices.

Raper says people are the weakest link in cyber defence. Training should shift from compliance-driven approaches that aren't interesting or engaging to better methods.

“Training may take different forms, and organisations could consider gamification. Gamification will make training more exciting and engaging for employees, increasing awareness of cybersecurity practices, including how to respond to attacks correctly," he says.

Gamification also lets businesses recognise and reward employees when they follow policies and procedures, leading to continued positive behaviour and a more cyber secure working environment.” 2. Internet of Things Providing thousands of potential entry points, more and more endpoint devices are now connected to an organisation’s network as part of the Internet of Things (IoT).

For example, closed circuit television (CCTV), tiny sensors attached to machinery, and even smartwatches and fitness trackers can put the business at risk if not properly secured. Many businesses may not be aware of the security risks these devices pose due to their automatic nature.  

To protect the network, businesses must introduce appropriate policies and procedures. This includes educating employees regarding what devices they are able to plug into the network. Organisations should also use next-generation security technology to focus on the network and endpoints, and the data that flows within the network. 3. Weaponised data A company’s data can be weaponised and used against it. Cybercriminals do this by leaking confidential information or infiltrating and corrupting data. The consequences range from reputational damage to material costs.

Businesses must know where sensitive data resides and who can access it, as well as what data is critical in enabling the company to operate, so they can protect it effectively. Surprisingly, many businesses struggle to answer these questions, which can make it difficult to protect resources adequately.

“As we approach the end of the financial year, now is a good time for businesses to review and update their cybersecurity policies, making sure they understand the effect cyberattacks can have on their business. Businesses should take a proactive approach to their cybersecurity, ensuring policies and procedures are understood and adhered to by all employees," Raper concludes.

Aerohive launches guide to cloud-managed network access control
NAC for Dummies teaches the key aspects of network access control within enterprise IT networks and how you can secure all devices on the network.
Sungard AS named DRaaS leader by Forrester
It was noted for its disaster-recovery-as-a-service solution’s ability to “serve client needs at all stages of their need for business continuity.”
Gartner: The five priorities of privacy executives
The priorities highlight the need for strategic approaches to engage with shifting regulatory, technology, customer and third-party risk trends.
emt Distribution adds risk intelligence vendor
Flashpoint has signed emt Distribution to provide channel partners in Oceania and South East Asia a solution for illicit threat actor communities.
CrowdStrike: Improving network security with cloud computing solutions
Australian spending on public cloud services is expected to reach $6.5 billion this year according to Gartner
Thycotic debunks top Privileged Access Management myths
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets.
Veeam reports double-digit Q1 growth
We are now focussed on an aggressive strategy to help businesses transition to cloud with Backup and Cloud Data Management solutions.
Paving the road to self-sovereign identity using blockchain
Internet users are often required to input personal information and highly-valuable data from contact numbers to email addresses to make use of the various platforms and services available online.