October is Cyber Security Awareness Month, which encourages Australians to learn about data security and stay safe online, both within their businesses and as individuals.
WHAT IS CYBER SECURITY?
Cyber security (or information technology security) refers to the protection of computers, servers, mobile devices, networks, electronic systems and technologies from malicious attacks and unauthorised use.
The purpose of cyberattacks is usually to gain access to, modify, or destroy sensitive information. These attacks are also often aimed at extorting money from users or disrupting the normal operation of businesses.
Cybersecurity continues to grow in importance as the number of devices, programs, and users in the modern enterprise grows, along with the amount of sensitive and confidential data generated.
THE RAPID GROWTH OF CYBER ATTACKS AND THE SCALE OF THE THREAT
We’ve observed how global cyber threats have evolved throughout the years at a rapid pace, and the frequency of data breaches has alarmingly increased. In 2019, a report by RiskBased Security revealed that a shocking 7.9 billion records have been exposed by data breaches in the first nine months of that year alone. This figure represents more than double the number of records exposed in the same period in 2018.
As cyber threats continue to grow, worldwide spending on cyber-security solutions is forecast to reach a massive $133.7 billion by 2022. As a result of this, numerous governments across the globe – including Australia – have issued guidance to aid organisations in implementing effective cyber-security practices.
THE AUSTRALIAN GOVERNMENT URGES ORGANISATIONS TO ADOPT EN ENHANCE CYBER SECURITY POSTURES
Following the attack on Ukraine, there is a heightened cyber threat environment globally, and the risk of cyber attacks on Australian networks – either directly or inadvertently – has increased.
To stay ahead of the constantly growing threat landscape, we must take steps to protect ourselves and companies to protect their customers. Employing the latest technologies, having strong security measures in place and staying up to date with the new forms of cyber attacks are key to reducing the impacts on Australian organisations.
HOW TO STAY SECURE
The ACSC suggests to prioritise taking the following actions across your environment:
- Patch applications and devices, particularly internet-facing services. Monitor for relevant vulnerabilities and security patches, and consider bringing forward patch timeframes.
- Implement mitigations against phishing and spear phishing attacks. Disable Microsoft Office macros by default and limit user privileges. Ensure that staff report all suspicious emails received, links clicked, or documents opened.
- Ensure that logging and detection systems are fully updated and functioning. Prioritise internet-facing and critical network services, and ensure that logs are centrally stored.
- Review incident response and business continuity plans. It is suggested to plan responses to network compromise as well as disruptive or destructive activity, such as ransomware. Ensure these plans are known to and actionable by staff, and are accessible even when systems are down.
AS AN INDIVIDUAL, YOU CAN UTILISE THE FOLLOWING TOOLS PROVIDED BY THE ASCS:
- Find out if you’ve been hacked → Select the options that best describe your current situation to find out if you’ve been hacked.
- Take the quiz to find out how cyber-secure you are and in what areas you should improve.
- Check if you’re email is secure enough:
How to check your email account security – Outlook
How to check your email account security – Gmail
What to do if someone has hacked your email - Act now to stay secure.
Other Resources
Subscribe to get alerts on new threats.
Report a cyber crime, incident or vulnerability.
‘Essential Eight’ mitigation strategies from the ACSC’s for organisations to stay cyber-secure .
Russian State-Sponsored and criminal Cyber threats to critical infrastructure.
