13 Mar Staying on top of cyber security in 2024
Cybercrime shows no signs of slowing down in Australia.
ReportCyber, the Federal Government’s online cybercrime reporting service, received close to 94,000 reports in FY2023, according to the Australian Signals Directorate (ASD) Cyber Threat Report 2022-2023.
While attacks on big business may hog the headlines, small enterprises are squarely in the sights of hackers and cyber criminals too.
These individuals are intent on disrupting and defrauding, and their methods are becoming increasingly sophisticated, according to Steadfast’s Chief Information Security Officer Alexander Moskvin.
“Artificial intelligence can enable even ‘junior hackers’ to create sophisticated social engineering campaigns, featuring fake voice and video,” he says. “Even the smartest and most sceptical of targets can potentially be taken in.”
“And it’s easier than ever for perpetrators to home in on potential victims, courtesy of the fact that millions of Australians have had their personal information – email addresses, mobile numbers and personal identity data – leaked to the dark web during the last year.”
Meanwhile, businesses are at increasing risk of supply chain attacks. This kind of attack affords the perpetrators access to the systems and data of the victim’s partners and customers.
More hackers are starting to focus on this section of the ‘market’ – to the point that supply chain attacks may soon be offered as a service on the dark web, Moskvin says.
“Artificial intelligence can enable even ‘junior
hackers’ to create sophisticated social
engineering campaigns”
Strengthening defences
A major attack can be disruptive and expensive and while cyber insurance may help defray the costs, prevention is always better than cure. There are several ways businesses can strengthen their defences, to help reduce the likelihood of their falling victim.
First among these for SME is adopting the Essential Eight – a series of straightforward mitigation strategies developed by the ASD several years ago. They include patching applications promptly, implementing multi-factor authentication and running regular back-ups.
“They’re not fool proof but a small business that implements them across the board can become a much harder target,” Moskvin says. “Hackers will be more inclined to look for another victim whose systems offer an easier ‘in’.”
While it might not always be a full-time role, appointing a cyber owner is the best way to ensure suitable cyber-security measures are implemented and reviewed regularly.
“Unless someone is accountable for taking the actions, it’s easy for it to be everyone’s business but nobody’s task,” Moskvin says.
Keeping an eye on the security posture of your information and communication technology suppliers and partners is also a smart move, Moskvin says.
“Unfortunately, there are plenty of insecure systems on the market, so it pays to do your homework.”
Cover to help your business recover
A major cyber-attack or data breach can be disruptive and expensive. Cyber insurance is there to help your business bounce back and rebuild, should the worst occur.
To find a policy that’s right for your risk profile, contact your broker today.
Important notice
All information in this article is of a general nature only. This article does not take into account your specific objectives, financial situation or needs. Deductibles, exclusions and limits apply. You should consider the Product Disclosure Statement in deciding whether to buy or renew cyber insurance. Various insurers issue this type of insurance. Cover can differ between insurers.
Important notice – Steadfast Group Limited ABN 98 073 659 677 and Steadfast Network Brokers
This article provides information rather than financial product or other advice. The content of this article, including any information contained in it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to it before acquiring the product.
Information is current as at the date the article is written as specified within it but is subject to change. Steadfast Group Ltd and Steadfast Network Brokers make no representation as to the accuracy or completeness of the information. Various third parties have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of Steadfast Group Limited.
Important notice – Watkins Insurance Brokers Pty Ltd ABN 23 059 370 455, AFSL 244427
This article provides information rather than financial product or other advice. The content of this article, including any information contained in it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to it before acquiring the product.
Information is current as at the date the article is written as specified within it but is subject to change. Watkins Insurance Brokers Pty Ltd make no representation as to the accuracy or completeness of the information. Various third parties have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of Steadfast Group Limited.
This article has been reproduced with the consent of Steadfast Group Limited.
Source: – https://www.steadfast.com.au/well-covered/business-insurance/staying-on-top-of-cyber-security-in-2024/