What is Cyber Security?
Since the birth of the internet almost three decades ago, protection mechanisms for information assets and the practice of cyber security have evolved considerably. Cyber attacks are increasing in number and sophistication, while our dependence on the internet and other networks is simultaneously growing. As the digital world becomes increasingly intertwined with cloud computing, smartphones, e-governance, online gaming and internet banking, it creates more and more avenues for malicious cyber attacks.
Despite the ubiquity of today’s computer systems and networks, there isn’t one universally accepted definition of Cyber Security. It is commonly defined as the practice of protecting networks, systems and programs from digital attacks. These attacks are aimed at retrieving, changing, misusing or destroying critical information. They then result in disrupted business processes or financial losses for the victims.
The Challenges of Cybersecurity
The technological landscape is always evolving and the adoption of new software is ever increasing. This is especially true in industries such as finance, government, military, retail, healthcare, education, and energy. More information is becoming accessible through wireless and wired communication networks. Highly sensitive information is quite valuable to criminals and needs to be protected using strong cybersecurity measures. Threat detection is key, and that’s where cybersecurity companies come in. Companies that are not aware of the risks within their infrastructure and do not implement any cybersecurity measures are at risk.
Common Types of Cyber Attacks
What Is the Difference Between a Cyberattack and A Security Breach?
A cyberattack is an attempt to compromise the security of a system. A security breach is the successful event or incident in which a cyberattack results in a compromise of IT systems or the disruption of services.
Though individuals and businesses have begun to implement some cyber security practices, that by no means indicates that they are totally safe from the risks that cyber threats pose.
Let’s briefly describe some of the most common cyber threats that individuals and small businesses face and how they can be avoided.
Malware is short for malicious software. It refers to any software that is specifically designed to gain access to and damage the user’s computer system without their knowledge. Malware can take different forms. It can infiltrate a computer system via spam, steal login information or crash your operating system. Some common types of malware include viruses, spyware, worms, trojan horses and botnets.
In a social engineering attack, a cyber-criminal cleverly manipulates users into giving away sensitive information such as credit card or login information. Phishing is one of the most common social engineering techniques. It involves a criminal sending a deceptive, fraudulent email that asks the user to click on a link or surrender personal information.
Advanced Persistent Threats (APTs)
In APT attacks, an unauthorised user will infiltrate a network undetected. The intention behind APTs is to continuously steal data without harming the network. APT attacks often target industries with highly-sensitive information, such as the finance or defense sector.
Ransomware is a type of malware that locks your device and holds your files hostage until you pay a ransom. Ransomware operators have further evolved their business model, seeking to maximise their impact by targeting the reputation of Australian organisations. The cost of ransomware extends beyond the ransom demands, and may include system reconstruction, lost productivity, and lost customers.
Why is Cyber Security Important?
Australian organisations, and even individuals, were indiscriminately targeted by malicious cyber actors. Malicious actors persistently scanned for any network with unpatched systems, sometimes seeking to use these as entry points for higher-value targets.
- A rise in the average cost per cybercrime report to over $39,000 for small business, $88,000 for medium business, and over $62,000 for large business, an average increase of 14% compared to the 20-21 financial year.
In response to this trend, global spending on cyber security has been boosted over the last few years. According to the Australian Cyber Security Growth Network, the global market for cyber security is expected to grow to $270B by the year 2026. By that year, about 77% of spending will be on externally managed security services. It is expected that, through 2026, global spending on external products and services for cyber security will increase by 8.4 percent annually.
Why Are Small Businesses at Risk?
Small and medium businesses are more at risk of cyber attacks than larger enterprises. This is because corporations are now investing in and implementing strict security measures as a compulsory part of meeting their business requirements. Many small businesses, on the other hand, are yet to realise the importance of security. Unfortunately, some business owners only see the dollar value associated with implementing cyber security services. On the attacker’s end, automation has made it much easier to attack thousands of small businesses at one time, most of which are easy and vulnerable targets.
Cyber Security for Small and Medium Businesses in Australia
On 6th August, 2020, the Australian government released its cyber security strategy, which re-emphasized the importance of cyber security resilience at the national level. But the SME sector in Australia is still struggling to achieve the required standards.
According to a survey by the Australian Cyber Security Centre in 2019, the country’s SME sector is highly vulnerable to cyber threats. Though only 1,763 small and medium businesses responded, which accounts for less than 0.1% of total SMEs, it is still a first-of-its-kind report that clearly draws attention. It mentions that a significant proportion of SMEs in Australia have inadequate cyber security services in place. This sector contributes substantially to the Australian economy, so this finding indicates a potential risk to the economy at the national level.
The survey report also mentions that most SMEs are aware of their exposure to cyber risks. Despite this, they don’t completely understand the severity of underlying vulnerabilities and threats that cause the risk factors.
Top 10 Best Practices for Australian Small to Medium Businesses to Prevent a Breach
ACSC has released its Small Business Cyber Security Guide, which provides information about all potential cyber threats and related cyber security measures, such as risk mitigation, vulnerability reduction and threat protection. However, instead of a broader approach, business owners better understand clear and easy explanations of applicable threats, with examples specific to their industry. Even better would be to break the information down into smaller aspects, focusing on specific areas to reduce confusion, for instance an email policy or an access control policy for small and medium businesses.
SMEs must adopt these best practices. In addition, businesses require solutions such as Intrusion Detection Systems, Firewalls and Antimalware programs, data encryption and backup, and data leakage prevention tools to create and ensure an environment of cyber security in Australia for small and medium businesses. Kaine Mathrick Tech offers a full suite of cyber security services, in one cohesive program.
1. New products to consider
There is a relatively new product that can be deployed to stop hidden threats that sneak past preventive security tools. By focusing on a specific set of attack surfaces, vulnerabilities, and exploits, it protects a company from persistent footholds, ransomware, and other attacks. It combines automated detection with real human threat hunters, so even the most advanced threat actors won’t stand a chance against these defenses. It detects, analyzes, responds to, and reports all incidents automatically. Another newer product is a program that is always running in the background 24/7/365, waiting to find threats as they occur and removing them before they have a chance to wreak havoc on your network. These should be utilized in tandem for maximum protection.
2. Conduct cybersecurity training and awareness
Employees need to be educated on topics of cyber security as a means of risk management. Even the best technical defenses could fail if employees perform unintentional actions resulting in a security breach. Raising awareness of internal policies and best practices through classes, online courses, and videos is the best way to reduce the potential of a security violation.
3. Perform risk assessments
Companies need to perform a formal risk assessment to identify and prioritize all valuable assets based on the impact caused when an asset is compromised. This will help guide decisions on how best to spend resources on securing each valuable asset.
4. Ensure vulnerability management and software patch management/updates
A company’s internal or external IT teams need to perform classification, identification, remediation, and mitigation of the vulnerabilities within all applications and networks that it uses to reduce threats. From time to time, software vendors release updates to patch and mitigate these vulnerabilities. Thus, it is important to install these updates to protect a company’s assets.
5. Use the principle of least privilege
In order to limit the impact of a successful security breach, personnel should be allowed the least amount of permissions necessary to perform their duties. Also, two-factor authentication should be used for all high-level personnel who have unrestricted permissions.
6. Enforce secure password storage and policies
Companies should enforce the use of strong passwords that adhere to industry-recommended standards for all personnel, and require personnel to change them periodically as protection against compromised passwords. The use of a password manager makes this easier to manage.
7. Backup data
Backing up all data regularly will ensure that sensitive data is not lost or compromised after a security breach. Companies need to have daily backups so they can do a complete restore if a data breach occurs.
8. Perform periodic security reviews
Conduct periodic security reviews to identify security issues early on and to promote a safe environment. These reviews include penetration testing, dark web monitoring, architecture design reviews, and other assessments. If security vulnerabilities are discovered, companies should prioritize and mitigate the risks as soon as possible.
9. Use encryption for data at rest and in transit
Use strong encryption algorithms. Encrypting data ensures confidentiality. All web applications and software should employ the use of SSL/TLS.
10. Implement a robust business continuity and incident response
Companies need to have a solid business continuity and incident response plan, which will assist in responding effectively to cyber-attacks and security breaches while ensuring critical business systems remain online.