top of page

The Hardest Question About Your Organisation’s Cybersecurity

18 June 2024

It’s the question every IT manager dreads. 


“How did you let this happen?!”

And the worst time to be asked it is after your organisation has become the latest victim of a cybercrime.


Here’s how to avoid it ever being asked…


Anxiety Rising

Boardroom anxiety about the protection of customer data has been growing across the country.  High profile incidents such as the ransomware attacks on Optus and Medibank Private have sensitised the senior leaders to both the risks and costs of negligence.

CEOs and CIOs are being quizzed: “Is our organisation doing enough to avoid becoming the next negative headline?”


Incidents Rising

The most recent report by the Australian Signals Directorate (ASD) showed that cyber attacks are happening far more frequently. On average, a new report is received every six minutes - a 23% increase year on year.


One in 5 critical vulnerabilities was exploited within a mere 48 hours.

The ASD warned that cybercriminals are constantly evolving their operations against Australian organisations, fuelled by a global industry of access brokers and extortionists. Thousands of businesses failed to fulfil their obligation to protect sensitive customer data, and millions of Australians had their information leaked on the dark web.


Costs Rising

Also troubling the C-suite is that the costs to businesses of “cyber negligence” are escalating rapidly.


The ASD says the cost of cybercrime to businesses has increased by 14% compared to the previous financial year. However, direct financial losses are just one part of the broader costs of “cyber negligence”.


For example, Medibank Private’s share price plunged more than 20% in the weeks following its loss of the personal information of 9.7m Australians.  The company is facing class actions by both shareholders and consumers alleging breaches of the company’s duty of care to protect consumer information, manage risks and make timely disclosures to shareholders.


Optus Communications saw its customer growth halved after its systems were breached. A class action by Slater and Gordon alleges that “Optus failed to protect, or take reasonable steps to protect, the personal information of its current and former customers”.


In response to rising consumer concerns, Australia’s Attorney-General, Mark Dreyfus, has flagged “better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivise better behaviour”.

Reflecting the growing risks and costs of cybercrime, cyber insurance premiums are also rising.


Email: the Critical Vulnerability

According to the Australian Signals Directorate, Business Email Compromise (BEC) remains a key vector for conducting cybercrime. 


A form of email fraud, cybercriminals target organisations and scam them out of money or goods by tricking employees into revealing important business information, often by impersonating trusted senders. BEC can also involve a cybercriminal gaining access to a business email address and then sending out spear phishing emails to clients and customers for information or payment.

 
IT Managers Stepping Up

Responding to these trends, responsible IT Managers are increasingly focussed on preventing their organisations from becoming the next headline victim of cybercrime. 

In a survey conducted recently by Tenable, IT leaders said that, while the ability to respond to and recover from cyber incidents remained essential, they’re now focusing more on preventing such incidents altogether.


The Best Answer to the Hard Question

A proactive and layered strategy for storing, transferring and securing data is essential for keeping cyberthieves at bay.  Secure managed file transfer, secure content engines, secure digital rights management, and employee education combine to create the optimal way to prevent data theft and cyber breaches.


At Generic Systems Australia , we recommend the class-leading secure managed file transfer solution, GoAnywhere MFT , to keep data safe - at rest, and in transit. Coupled with our Advanced Threat Protection Bundle , we enable organisations to safely collaborate without exposing their systems to the risk of malware gaining a foothold within their IT systems.


Seamless integration between GoAnywhere MFT and the Clearswift Secure ICAP Gateway provides anti-virus and malware protection, deep inspection of the content inspection, adaptive data loss prevention, and media type protection.  Together, they provide three key defences.


1. Prevents file containing malware from being shared.

GoAnywhere provides easy anti-virus protection through the Secure ICAP Gateway to scan all inbound file transfers.  It can also detect and automatically strip out active content like embedded malware, triggered executables, scripts, or macros used to extract or hold sensitive data hostage.


Advanced Threat Protection “sanitises” files and emails without delaying delivery, guarding against today's leading malware and ransomware (e.g. CryptoLocker, CryptoWall, TorrentLocker, Dridex Dyre, BlackEnergy, etc.) and tomorrow's even more sophisticated threat variants.


2. Blocks sensitive data from being shared.

Files with Personal Identifiable Information or other sensitive data can be prevented from being transferred. GoAnywhere Threat Protection can inspect file contents, then stop and block files from being shared, based on policies you define.


3. Redacts sensitive information from files before transfer.

Advanced Threat Protection can ensure sensitive data is neither transmitted nor received, detecting and/or removing geotags, document properties, email addresses, and other metadata from documents, and replacing sensitive text with asterisks.

Using Optical Character Recognition, it can even remove text contained in scanned images.


No question: 'Prevention' is Better than 'Cure'

Cyber attacks are inevitable.  However, falling victim to them is optional

If you’d like to learn more, and be able to comprehensively reassure your Board about the steps you’ve taken to protect your business’s data, reputation and bottom line, please feel welcome to get in touch with me, Bradley Copson (mailto:bradley@gensys.com.au).

I’m always happy to have an obligation-free discussion, and even offer you a zero-cost Proof of Concept.

At Generic Systems Australia , we’re your Local Experts in Secure Managed File Transfer.

 

bottom of page