Search Results
103 items found for ""
- Best Practices for Cloud MFT | GSA
< News Best Practices for Cloud MFT 30 Jan 2024 Best Practices for Cloud Managed File Transfer Data is the lifeblood of modern business. And most modern organisations rely to some extent on the Cloud as they transfer files between employees, trading partners, and customers. To help you guard against cybercrime, here are best practices for safeguarding your data on its way to, from and in, the Cloud. Some Clouds are Better than Others Cloud computing comes in three basic flavours… Public, Private, and Hybrid. Each offers differing degrees of security and risk. Of the three, a Self-Hosted Private Cloud solution offers considerable advantages through enhanced levels of control and protection. It: Is ring-fenced inside your organisation’s security perimeter, enjoying the same protections and security posture as the rest of your IT environment. Can be integrated into your network with AWS VPN / Azure Express route links. Has access to your internal systems through appropriate firewall controls to better suit interfacing requirements (aka “lateral movement of data”). Ensures internal file and data transfers never leave your secure local network. Public and Hybrid Clouds Permitting your precious data to go “off-prem” inherently increases the risk it may be intercepted or accessed by cybercriminals. However, leading MFT solutions - in combination with a trustworthy Cloud provider, appropriately configured - can mitigate these risks, and provide MFT-as-a-service. Choosing with the Best Cloud Provider Cloud providers come in all sizes, capabilities … and risk profiles. Ensure your Cloud provider uses robust security protocols and safeguards. Do they utilise the latest encryption protocols, and offer strong user authorisation and access controls? Do their data transmission and storage approaches meet the regulatory requirements for your industry? What performance levels does your Cloud provider commit to? Can they quickly and reliably receive, store and transmit your business-essential files? Can your Cloud provider easily integrate with your existing systems? Can your Cloud provider offer an appropriate level of technical support when you need it? At Generic Systems Australia , we would be happy to share with you our significant experience with and expert perspective on locally-available Cloud providers, detailing and how well they meet the requirements for safe, efficient and effective MFT. Meet Industry Compliance Requirements Some industries are subject to heightened regulatory requirements regarding data storage and transfer. Even when using an “off-prem” Cloud provider, you remain responsible for meeting those requirements. Failing to utilise an appropriately compliant Cloud environment can lead to fines, law suits, loss of customers, loss of supplier trust, and reputational damage. Maintain Control and Data Sovereignty Governments increasingly require organisations to maintain authority and control of data within their jurisdictional boundaries – aka, “data sovereignty”. Private and Hybrid Cloud environments provide inherently greater authority over where data is stored, access permissions, and retention policies. In this way, they enable organisations to better navigate myriad data sovereignty mandates and evolving compliance standards. Utilising Managed File Transfer as a Service (MFTaaS) MFTaaS is an approach which can help organisations streamline their file transfer processes, while offering robust security, scalability, reliability, anywhere access and cost-effectiveness. However, be sure to confirm your MFTaaS solution offers robust encryption and security protocols, can scale grow with your organisation's needs, and complies with the industry regulations relevant to your business. Technical Best Practices for Cloud File Transfers Ensure secure and efficient transmission of data in a Cloud environment by observing these technical requirements: Data Encryption at Rest and in Transit: Utilise encryption protocols like SSL/TLS for data in transit and encryption solutions provided by your Cloud provider for data at rest. In private Cloud settings, you can also leverage approaches like Bring Your Own Key (BYOK) or Hold Your Own Key (HYOK). Data Loss Prevention (DLP): A robust DLP solution helps prevent unauthorised data transfers and leakage by monitoring data in real-time and preventing it from being transmitted outside of your organisation. Intrusion Detection Systems (IDS): By monitoring and alerting IT security teams to any suspicious file transfer behaviour, IDS helps nip security breaches in the bud. Employee Best Practices Having your team follow best practices is also essential to secure data transfer and storage. Staff Training: Teach your employees to recognise data security risks, and how to avoid them. Place special focus on phishing and social engineering – two of the most prevalent cybercriminal threats. Multi-Factor Authentication (MFA): Enforce MFA for file transfers, and utilise phishing-resistant techniques. Access Control: Restrict access to files and systems, and provide users with only the minimum level of access necessary to perform their role. Implement a regular cycle of access permission reviews. Audit, Backup and Recovery Best Practices Continuous monitoring and auditing of Cloud file transfers not only maintains the security of your data, it also helps identify and mitigate potential threats, while monitoring on-going compliance. Log Analysis and Security Information and Event Management (SIEM) proactively monitor transfers, and enable your IT team to react quickly to emerging threats and incidents. Data backup and disaster recovery are the final critical components of your comprehensive safeguards against data loss in Cloud file transfers. They ensure that, if a disaster occurs, your organisation can provide business continuity by maintaining the availability and integrity of data. Making the Cloud Safe for File Transfers By following these best practices, the Cloud can be an efficient, reliable and secure element within your organisation’s overall data transfer approach. At Generic Systems Australia , we use and recommend the class-leading (link) managed file transfer solution, GoAnywhere MFT , for the way it integrates with the Cloud and embeds best practices. Providing peace of mind, by securing sensitive files in transit and at rest, GoAnywhere automates and encrypts data between an organisation and its trading partners, protecting it from unnecessary vulnerabilities while improving efficiency and reducing costs. If you’d like to learn more about GoAnywhere MFT , check out our resources at Generic Systems Australia. Our Business Manager, Bradley Copson ( bradley@gensys.com.au )would also be happy to offer you an obligation-free discussion , a no cost trial, or even a Proof of Concept for your business. Simon Keunstner, Senior Technical Consultant, Generic Systems Australia “Local Experts in Secure Managed File Transfer” Previous Next
- Companies ignoring hack warnings | GSA
< News Companies ignoring hack warnings 4 Oct 2024 Almost half of the businesses warned by Australia’s top cyber security agency of impending hacks didn’t bother to return the phone call. In an alarming disclosure to The Australian Financial Review, the new director-general of the Australian Signals Directorate (ASD), Abigail Bradshaw, said that the agency had contacted organisations 620 times in the last 12 months to tell them it had information “that suggests that you might have a problem”. But of those calls, 280 were never returned. Bradshaw said the agency shared such information because it had been shown to help companies to achieve positive outcomes in the face of escalating threats while enabling The ASD to detect more incidents. Sharing Encouraged The ASD’s alerts are part of a broader government plan to encourage more information sharing. New rules recently announced will permit businesses to share private details with government agencies without concern it will be used against them in future damages claims. That being said, regulators are still tightening the screws on directors and executives to take responsibility for cyber security prevention and recovery. The new laws won’t provide “immunity” for those who fail to prepare in the months or years leading up to a hack. Hacking: this century’s “H-Bomb” Not only is cybercrime financially lucrative for ransomware gangs, but digital attacks are becoming a critical component of geopolitical conflict, Bradshaw said. “The line between state-based actors and criminal actors is becoming finer,” she said. Cybercrime and conflict are set to escalate as quantum computing coupled with artificial intelligence supercharges hacking efforts. The US’s Pentagon described that emerging combination as “the 21st century’s equivalent of the nuclear bomb”. The Australian Financial Review warned that “if you get caught out by a cyberattack which causes broader harm, directors will not be able to talk their way out of trouble by saying they thought their techies had it covered”. Acting on ASD Alerts To mitigate hefty fines and sanctions, directors and executives need to prioritise their time and attention on cyber safety. A Managed File Transfer (MFT) solution such as GoAnywhere MFT can encrypt data at rest and in transit, complying with the highest data security standards. It manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols and encryption to protect data in transit and at rest. Advanced Threat Protection and Adaptive Loss Prevention add a further layer of defence. SFT Threat Protection enables safe collaboration with external parties, preventing malware from entering an organisation, and reducing the risk of employees losing or mishandling sensitive data. Local Experts On Hand Generic Systems Australia are local experts in helping companies deploy Managed File Transfer and Advanced Threat Protection. We’ve assisted hundreds of organisations across Australia and New Zealand to secure their data and keep cybercriminals at bay. If you’d like to discuss how we can help you, please feel welcome to contact me, Bradley Copson. I’m always happy to have an obligation-free discussion, explain how simply we can transition you from outdated software and approaches, and offer you a zero-cost Proof of Concept. Previous Next
- Black Friday Sales Splash Creates Data Surge | GSA
< News Black Friday Sales Splash Creates Data Surge 12 Nov 2024 Data transfer traffic is already surging across Australia as many online retailers jump the gun and promote Black Friday Sales early this year. Australians are set to spend a record $6.7B during the Black Friday/Cyber Monday weekend, according to Roy Morgan Research. An increase of 5.5% on last year, this level of spending will mean Black Friday has well and truly eclipsed Boxing Day as Australia’s top shopping event of the year. 50% of Australians plan to participate in the annual sales splurge, according to Future Publishing Australia’s inaugural Consumer Confidence Report. Of these, 45% plan to find their Black Friday deals online. Data Transfer Tsunami The surge in sales will in turn create a tsunami of data transfers, as businesses transact, process orders, and share a variety of e-commerce files with their supply chain partners. For some businesses – those still using outdated file sharing technologies like email and FTP – this will be a hugely stressful period. They’ll need to be hyper vigilant for lost orders, failed file transfers, and man-in-the-middle hack attacks. Other businesses - those taking advantage of modern, automated file transfer technologies such as Managed File Transfer (MFT) - will surf the data tsunami with ease. MFT will comprehensively address the risks and challenges of moving information, both within their organisation, and with external suppliers, partners and customers. Through centralised control, encryption, automation and auditing, MFT will provide the security, efficiency, reliability and scalability that FTP and email never could. “Cyber Trust” Consumer trust in retailers’ e-commerce transactions will be an even more important factor in eventual sales numbers this year. High profile hacks of consumer data over the past 12 months are leading consumers to question the security of a company’s systems before handing over credit card and other information. Companies will need to be able to provide reassurance – and proof – that transactions and personal data will be secure. Companies with MFT will be better able to provide that reassurance, keeping a clean history as responsible guardians of customer data. Shopper Shift Chris Ferguson, commercial director APAC at Future Publishing Australia, described the popularity of Black Friday in the local market as a “pivotal” change in the retail landscape. “Consumers are increasingly drawn to the prospect of early savings and the convenience of online shopping, so retailers anticipate and accept this new reality to capture their share of the market.” He said that, despite the current economic climate, his research showed Australians remained committed to their festive spending plans. 56% of Australians still plan to spend the same amount as last year on Christmas gifts, while 21% intend to spend even more. Australian Retailers’ Association CEO Paul Zahra said retailers were “pulling out all the stops to ensure they have the best product lines and gift solutions, customer service offerings and enhanced online platforms to make shopping during this peak season more seamless than ever.” He said most discretionary retailers expect to make up to 66% of their annual profit during peak season. Surf the Tsunami Generic Systems Australia are Australia’s experts in deploying Managed File Transfer and other layered defences, such as Advanced Threat Protection . We routinely help local organisations better manage their file transfers, seamlessly scaling up to meet the heightened demands of sales events like Black Friday. If you’d like to discuss how we can help you, please feel welcome to contact me . I’m always happy to have an obligation-free chat and explain how simply we can level up your file transfer approaches. I can even arrange a simple, zero-cost Proof of Concept. Previous Next
- MediSecure hack Australia’s worst so far | GSA
< News MediSecure hack Australia’s worst so far 19 July 2024 eScripts provider MediSecure has revealed that 12.9M Australians had their data stolen in a hack earlier this year, making it one of the largest cyber breaches in Australian history. MediSecure, which facilitates electronic prescriptions and dispensing, confirmed in May it was the victim of a ransomware attack, following an earlier theft of data which continued until November 2023. The company went into voluntary administration in June after the federal government ruled out a financial bailout. Sensitive Patient Data Lost In a statement released late Thursday afternoon, MediSecure gave details about the kinds of data stolen, including full names, phone numbers, dates of birth, home addresses, Medicare numbers, and Medicare card expiry dates. The 6.5 terabytes of data also included some sensitive health information, such as which medications people were prescribed, the name of the drug, dosage, the reason for their prescription, and instructions for taking the medication. Inadequate Protection MediSecure said it was unable to identify specific impacted individuals “due to the complexity of the data set" and that doing so would have come at a "substantial cost that MediSecure was not in a financial position to meet". A tiny sample of the data was published on a dark web forum following the hack, and the larger data set was listed as being for sale, for $50,000. It's not clear whether the data was sold, but it's considered likely. Vigilance Urged Cyber security experts have urged Australians to remain vigilant for signs of fraud being committed using their medical data. Said one: "If contacted by someone claiming to be a medical or other service provider, including financial service provider, seeking personal, payment or banking information, you should hang up and call back on a phone number you have sourced independently." Avoiding becoming the Next MediSecure Now in liquidation, MediSecure is an example of how not to protect the sensitive customer data entrusted to your organisation. One of your best defences against hackers is to centrally control the flow of data into and out of your organisation. Managed File Transfer (MFT) software does that for you. But MFT does more than just provide centralised control. It also offers encryption, efficiency boosts and auditing capabilities. Using enhanced security protocols, it ensures data privacy during transmission and storage. And it also provides detailed audit-ready logs which detail which data has been accessed and by who. Expert Local Advice At Generic Systems Australia , we’re the Asia-Pacific’s experts on the world’s #1 MFT, GoAnywhere . If you’d like an obligation-free discussion about how we could help you keep your organisation safe from cyber thieves, please feel welcome to get in touch . Attribution: This article was largely sourced from Australia’s ABC News service Previous Next
- What is ‘MFT’ ... and why should you care | GSA
< News What is ‘MFT’ ... and why should you care 19 Oct 2023 What is ‘MFT’ - and why should you care about it? In today's data-driven world, the seamless and secure exchange of information is key to business efficiency. Managed File Transfer (MFT) is a powerful technology that comprehensively addresses the risks and challenges of moving information, both within an organisation, and with external suppliers, partners and customers. At its core, Managed File Transfer simplifies the complexities of data transfer by offering centralised control, encryption, and auditing capabilities. Unlike traditional approaches, such as FTP, MFT provides enhanced security protocols, ensuring data privacy during transmission and storage. And it does so via a user-friendly interface, which is easy to use for even non-technical employees. Organisations adopt MFT technology for the many benefits it provides. Security: MFT employs robust encryption algorithms, reducing the risk of data breaches during transit. Features like Access Controls, and Multi-factor Authentication, safeguard sensitive information from unauthorised access. Efficiency: MFT automates repetitive tasks. This not only reduces human error, it saves significant staff time. Through scheduling of file transfers, monitoring of progress, and automatic error-handling, it enables a significant boost to operational efficiency. Compliance: In industries with strict regulatory requirements, MFT helps companies meet compliance standards (e.g. HIPAA and GDPR) by automatically maintaining detailed logs and audit trails. Scalability: Through its ability to handle large file transfers and an ever-growing number of users, MFT is able to grow in sync with an organisation's needs, while maintaining superior performance. Collaboration: In addition to improving business processes within an organisation, MFT facilitates seamless collaboration with external partners, suppliers, and customers, fostering strong relationships built on shared trust and reliability. Managed File Transfer technology offers organisations a secure, efficient, and scalable solution for their data transfer needs. By leveraging MFT, businesses can not only streamline their operations but also gain a competitive edge, while ensuring the integrity and confidentiality of their data in today's interconnected digital landscape. Generic Systems Australia is the Asia-Pacific region’s leading provider of secure MFT solutions. If you’d like to explore how your organisations’ efficiency and bottom line could be boosted through MFT technology, please feel free to contact our Business Manager, Bradley Copson, ( bradley@gensys.com.au ) for an obligation-free discussion. Previous Next
- Rate Rise Should Spur Rethink | GSA
< News Rate Rise Should Spur Rethink 13 Nov 2023 Following the Reserve Bank’s decision to further hike interest rates, it’s timely for business leaders to explore how they can minimise any negative impacts on their companies. Rowan Tracey, Partner at HLB Mann Judd , Australian businesses would need to “find efficiencies and cut operating costs”. “The Reserve Bank’s decision … will impact business margins, particularly small to medium businesses with high debt and low capital. The natural reflex for businesses is to raise prices to even out the balance sheet, which would be fine in a more buoyant economy. (But) rising fuel prices and cost of living already has many scrambling to find ways of cutting costs, including their current expenditure.” Rowan offers these alternative suggestions to businesses wanting to maintain margins without imposing price hikes: 1. Improve Productivity & Efficiency: Review processes and output and look at ways to improve or streamline your operations, such as automation of processes including business software. 2. Strategically Cut Costs: Review your current service providers and contracts and compare to the current market. 3. Revisit Your Banking & Financial Products: Look beyond the short-term and make sure the interest rate on your business loans is competitive. 4. Develop a Pricing Strategy : Look at ways to leverage or bundle existing goods and services. 5. Reconsider Your Supply Chain : Consider reducing risks by finding a domestic supplier to slash the costs of freight and storage. 6. Review Workforce Arrangements: Consider offering flexible work arrangements, nine-day fortnights, and training and development opportunities - particularly those subsidised by government. One way to address Item #1 (“Improve Productivity and Efficiency”) is to reconsider how your business transfers data. Moving data – between employees, with customers, and with your supply chain partners – is now a “core process” for every modern business. That makes it a target for improving efficiency and productivity. A Managed File Transfer solution, such as GoAnywhere MFT, is more cost-effective and efficient than having your staff waste time on old-fashioned and risky manual approaches. In fact, a study by Aberdeen Group found that businesses which invested a little in a professional Managed File Transfer solution had a median return of almost 500 times their investment! Generic Systems Australia are your local experts in file transfer technologies. Contact me if you’d like an obligation-free discussion , no cost trial, or Proof of Concept showing how GoAnywhere could boost your business’s productivity. Previous Next
- "Flip the Scripts" ... and Transfer Files Efficiently | GSA
< News "Flip the Scripts" ... and Transfer Files Efficiently 20 Oct 2023 Replace Risky File Transfer Scripts with GoAnywhere MFT Once upon a time, writing scripts to partially-automate the transferring of files was “good enough”. However, technology has moved on. With cybersecurity threats multiplying and businesses focused on improving productivity, script-based file transfers just aren’t cutting it anymore. Why Replace File Transfer Scripts? Scripts aren’t secure . For example, user credentials aren’t encrypted, putting your entire system at risk. Scripts lack advanced features . For example, automating file transfers with FTP requires adding a second solution, a time-consuming and complex prospect. It’s also difficult to build in re-try features, and lock down how users interact with sensitive data. Scripts don’t play well with new tech . For example, modern cloud-based computing environments require file transfers to be integrated with cloud-based solutions, and platforms such as Azure and AWS. Scripts can be time consuming . Developing, maintaining, and troubleshooting scripts takes time, distracting valuable support staff from more important things. Worse, if they’re not available when a script fails, it bottlenecks your workflow. Scripts don’t have logging built in . All logging needs to be built into your scripts. Accessing those logs can be time consuming and difficult, requiring an effective filter and search tools. The Benefits of Replacing Homegrown Scripts As well as increasing the security of your file transfers, moving away from scripts provides your organisation with many other advantages: Centralise workflow . Instead of using multiple different tools, programs, and scripts to encrypt, send, and automate your file transfers, GoAnywhere MFT enables all of these from a single interface. That significantly streamlines day-to-day operations and reduces wasted tool maintenance time. Automate . No matter the volume of files to be transferred across your business and supply chain, GoAnywhere enables your team to spend time focusing on other things. Comply with regulations . By logging file transfers and access across your organisation, GoAnywhere MFT proves your compliance with legal requirements, such as data privacy and encryption. Those logs are also very handy if you’re conducting an audit, or forensics on an internal security breach. The Far Better Alternative GoAnywhere is the industry’s leading Managed File Transfer solution. It ensures data is transferred securely - both internally and externally – and accelerates your team’s productivity. If you’d like to learn more about how GoAnywhere MFT could add to your organisation’s bottom line, please feel free to contact me ( bradley@gensys.com.au ), or read more at the Generic Systems Australia website . Bradley Copson, Business Manager, Generic Systems Australia Previous Next
- Black 'Fileday' | GSA
< News Black 'Fileday' 29 Nov 2023 Australian shoppers were tipped to spend $6.36B across the Black Friday weekend, according to the Australian Retailers Association.The surge in sales has in turn created a tsunami of data transfers, as businesses share orders, files and information with their supply chains.For some businesses, it will be a stressful period. But others - those who entrust their file transfers to GoAnywhere MFT - will surf the data tsunami with ease, as GoAnywhere conveys all their valuable files reliably and securely.(And of course, our local technical team at Generic Systems Australia will always be on hand to share our unparalleled MFT expertise with our customers.) Previous Next
- Survey finds IT leaders increasingly focussed on PROACTIVE cybersecurity | GSA
< News Survey finds IT leaders increasingly focussed on PROACTIVE cybersecurity 12 June 2024 Australian IT leaders are increasingly focusing on proactive cybersecurity, according to a new survey released today. In a survey conducted by Tenable, IT leaders said that, while the ability to respond to and recover from cyber incidents remained essential, they are now focusing more on preventing such incidents altogether. Preventative measures they are investing in include: access controls and monitoring (64%) regular software updates and patch management (64%), and regular employee training and education on cybersecurity best practices (60%). Dark Tide Rising The most recent Australian Signals Directorate Report shows that cybercrime is on the increase for enterprises. On average, a new report is received every six minutes, up 23% year on year. The average cost of cybercrime has also increased by up to 14%. Saving Ransoms, Reputations, Operating Costs Adopting preventative cybersecurity measures isn’t only saving companies from the costs of cybercrime. Companies who take proactive steps say they are also benefiting from lower cyber insurance premiums. 44% of IT leaders experienced reductions ranging from 5% to 15%. Reductions of that magnitude demonstrate that insurers too are recognising the effectiveness of proactive cybersecurity. Proactive, Layered Defence A proactive strategy for storing, transferring and securing data is essential for keeping cyberthieves at bay. A layered approach - secure file transfer, secure content engines, secure digital rights management, and employee education – is the optimal way to prevent data breaches. At Generic Systems Australia , we recommend the class-leading secure managed file transfer solution, GoAnywhere MFT , to keep data safe - at rest, and in transit. Coupled with our Advanced Threat Protection Bundle , we enable organisations to safely collaborate without exposing systems to the risks of malware gaining a foothold within their IT systems. About The Survey Tenable partnered with Pure Profile to collect data from more than 200 IT and cybersecurity leaders across the insurance, banking, education, healthcare and transport industries in Australia. If you’d like to join the growing number of IT managers taking strong preventative measures to avoid cybercrime, please get in touch with me, Bradley Copson ( mail to :bradley@gensys.com.au ). I’m always happy to have an obligation-free discussion, explain how simply we can transition you from outdated software and approaches, and offer you a zero-cost Proof of Concept. At Generic Systems Australia , we’re your local experts in secure Managed File Transfer. Previous Next
- New Cyber Laws Impose New Business Obligations | GSA
< News New Cyber Laws Impose New Business Obligations 16 Oct 2024 Australia’s federal government last week introduced much-anticipated legislation to parliament which will revolutionise Australia’s cyber security preparedness. If passed as expected, the new laws will impose new compliance and reporting requirements on local businesses. Govt Intent Designed to protect businesses and consumers from the growing scourge of cyber crime, the Cyber Security Act 2024 is Australia’s first standalone cyber security legislation. Introducing the Act, Minister for Cyber Security, Tony Burke, said that – like IT systems themselves - legislation needed to be hardened to protect national security and economic stability. He described the package as providing a clear legislative framework for contemporary, whole-of-economy issues which would identify and respond to new and emerging cyber threats. Seven Initiatives There are seven initiatives under the 2023-2030 Australian Cyber Security Strategy which collectively address gaps in current legislation to: Mandate minimum cyber security standards for smart devices; Introduce mandatory ransomware reporting for certain businesses to report ransom payments; Introduce a ‘limited use’ obligation for the National Cyber Security Coordinator and the Australian Signals Directorate; and Establish a Cyber Incident Review Board. SOCI Reforms The legislation will also progress and implement reforms under the Security of Critical Infrastructure Act 2018 (SOCI Act): Clarifying existing obligations in relation to systems holding business critical data; Simplifying information sharing across industry and Government; Introducing Government powers to direct entities to address serious deficiencies within their risk management programs; and Moving regulation for the security of telecommunications into the SOCI Act. The SOCI Act reforms will also expand current Government assistance measures to ensure Government can step in as a last resort to manage the consequences of significant incidents. Govt Empowered Changes to government assistance measures will empower the Government to gather information or direct entities to take or refrain from certain actions, on authorisation from the Minister for Home Affairs, in response to a serious incident. Characterising the legislation as a significant step towards his government’s vision of becoming a world leader in cyber security by 2030, Tony Burke said: “We know government has to lead the way on cyber, but we also know we can’t do it alone. This is why these new laws have been consulted extensively with business. “To achieve Australia’s vision of being a world leader in cyber security by 2030, we need the unified effort of government, industry and the community.” New Business Obligations Legal firm A&O Shearman cautioned that the new Cyber Bill will introduce several new critical areas of compliance and reporting. It said businesses must take heed of these new obligations, and ensure they put in place robust cyber security measures. • Ransomware Reporting Obligations : Entities impacted by cyber security incidents and making ransomware payments must report these payments within 72 hours. The aim of this obligation is to improve the detection and response to ransomware incidents, thereby reducing their impact. Failure to report can result in civil penalties. • Security Standards for Smart Devices : The Cyber Bill mandates that manufacturers and suppliers of smart devices comply with specified security standards. This is crucial for businesses involved in the production or distribution of smart devices. Non-compliance can result in compliance notices, stop notices, and recall notices. These measures are designed to ensure that smart devices are secure and do not pose a risk to users. • Protected or Limited Use of Incident Information : The Cyber Bill includes provisions to ensure that information provided about cyber security incidents is used or disclosed only for permitted purposes, with strict limitations on using this information for civil or regulatory actions against the reporting entity. • Cyber Incident Review Board : The Cyber Bill establishes a Cyber Incident Review Board tasked with reviewing certain cyber security incidents and making recommendations. The Board has the authority to request and require documents from entities. Non-compliance may result in civil penalties. A&O Shearman said organisations should make sure they implement security standards in compliance with the specified security measures currently provided for in the Cyber Bill, and make sure they can comply with the ransomware reporting obligations, including the timelines foreseen in the Cyber Bill. Meeting New Requirements Criminal syndicates target organisations which haven’t adequately protected their data transfers and systems access. Defending against them requires a multi-layered strategy which includes robust data transfer protection, multifactor authentication and employee training. Managed File Transfer (MFT) solutions such as the class-leading GoAnywhere MFT encrypt data at rest and in transit, complying with the highest data security standards - including the US’s and Europe’s stringent HIPAA, HITECH, PCI DSS, SOX, and GDPR. MFT manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols such as SFTP, FTPS, and AS2 to send files securely, and encryption standards such as Open PGP and AES to protect data in transit and at rest. GoAnywhere MFT also provides audit reports, which will help organisations meet new reporting and compliance needs. All file transfer and administrator activity is stored and easily searchable. To help organisations report on file transfer activity and remain compliant with the new legislation, these audit logs can be automatically generated and provided as PDFs. Advanced Threat Protection and Adaptive Loss Prevention add a further layer of defence. SFT Threat Protection enables safe collaboration with external parties, preventing malware from entering an organisation, and reducing the risk of employees losing or mishandling sensitive data. Local Expertise on Hand Generic Systems Australia are your local experts in Managed File Transfer solutions. We’ve assisted dozens of organisations across the Asia-Pacific region to secure their data and keep cybercriminals at bay. If you’d like to discuss improving your cybersecurity, please feel welcome to contact me , Bradley Copson. I’m always happy to have an obligation-free discussion, explain how simply we can transition you from outdated software and approaches, and offer you a zero-cost Proof of Concept. Previous Next