Search Results

< News Rate Rise Should Spur Rethink 13 Nov 2023 Following the Reserve Bank’s decision to further hike interest rates, it’s timely for business leaders to explore how they can minimise any negative impacts on their companies. Rowan Tracey, Partner at HLB Mann Judd , Australian businesses would need to “find efficiencies and cut operating costs”. “The Reserve Bank’s decision … will impact business margins, particularly small to medium businesses with high debt and low capital. The natural reflex for businesses is to raise prices to even out the balance sheet, which would be fine in a more buoyant economy. (But) rising fuel prices and cost of living already has many scrambling to find ways of cutting costs, including their current expenditure.” Rowan offers these alternative suggestions to businesses wanting to maintain margins without imposing price hikes: 1. Improve Productivity & Efficiency: Review processes and output and look at ways to improve or streamline your operations, such as automation of processes including business software. 2. Strategically Cut Costs: Review your current service providers and contracts and compare to the current market. 3. Revisit Your Banking & Financial Products: Look beyond the short-term and make sure the interest rate on your business loans is competitive. 4. Develop a Pricing Strategy : Look at ways to leverage or bundle existing goods and services. 5. Reconsider Your Supply Chain : Consider reducing risks by finding a domestic supplier to slash the costs of freight and storage. 6. Review Workforce Arrangements: Consider offering flexible work arrangements, nine-day fortnights, and training and development opportunities - particularly those subsidised by government. One way to address Item #1 (“Improve Productivity and Efficiency”) is to reconsider how your business transfers data. Moving data – between employees, with customers, and with your supply chain partners – is now a “core process” for every modern business. That makes it a target for improving efficiency and productivity. A Managed File Transfer solution, such as GoAnywhere MFT, is more cost-effective and efficient than having your staff waste time on old-fashioned and risky manual approaches. In fact, a study by Aberdeen Group found that businesses which invested a little in a professional Managed File Transfer solution had a median return of almost 500 times their investment! Generic Systems Australia are your local experts in file transfer technologies. Contact me if you’d like an obligation-free discussion , no cost trial, or Proof of Concept showing how GoAnywhere could boost your business’s productivity. Previous Next

< News Aussie cyber staff “world’s most stressed”: survey 9 Oct 2024 Aussie cyber security workers are the world’s most stressed, according to a survey by international tech professional association ISACA. For its State of Cybersecurity 2024 report, ISACA surveyed 1,868 cyber security professionals from 102 countries, including Australia. They found that Australian cyber security workers are feeling more stressed in their jobs than their counterparts in any other country. Overly Complex, Under Resourced Respondents attributed the rising stress to Australia’s “increasingly complex threat landscape” and “continual under-resourcing” of their cyber security departments and roles. They reported lower budgets, higher hiring and retention challenges, and a more significant lack of prioritisation of cyber security risks than their global peers. Nearly half of all respondents believed their company’s cyber security budget was inadequate, and only a third expected it to be increased in the year ahead. As a result, most said they didn’t feel ready to combat the growing risk of a cyber-attack on their organisation. Burnout In a further worrying sign for Australian businesses, many cyber security professionals said the stress of their role had become so significant that they were considering moving on from their current organisation. Of those who had already left, 60% cited “stress” as the primary reason. ISACA’s Director of Professional Practices and Innovation, Jon Brandt, urged Australian employers to better mitigate the stress of their cyber defenders. “Employers (should) explore ways to support staff before burnout and attrition occur,” he said. ISACA said the increasing complexity of cyber attacks required additional effort, energy and intelligence from cyber professionals. It characterised the need to stay ahead of new technologies and digital weapons as “all-consuming”, and this explained why cyber pros in Australia were feeling the effects of increased stress in their roles. Most Australian respondents said they expected a cyber attack on their organisation during the next year. However, only 32% had a high degree of confidence in their team’s ability to detect and respond to the attack. Cyber Stress Relief Companies can take some of the load off their beleaguered cyber security staff by adopting automated, proactive and layered cyber defences. The goal is an always-on system which automatically secures, stores and transfers data, repelling cyberthieves before they gain access to company systems. The foundation of such an approach is a technology called “Managed File Transfer” (MFT). Paired with secure content engines and secure digital rights management, MFT is an optimal way to prevent data theft and cyber breaches. An MFT solution such as the class-leading GoAnywhere MFT keeps your organisation’s valuable data safe - at rest, and in transit. Coupled with an Advanced Threat Protection Bundle, it enables organisations to safely collaborate without exposing their systems or team to the risks of malware. This automated defence system protects your organisation’s data in three key ways: 1. It prevents files containing malware from being received, by scanning all inbound files and automatically stripping out embedded malware, triggered executables, scripts, or macros. 2. It blocks sensitive data from being shared, by inspecting file contents and stopping protected data from being shared, based on policies you define. 3. It redacts sensitive information from files before they are transferred, detecting and/or removing geotags, document properties, email addresses, and other metadata from documents. Local Help Available As your company’s stressed cyber professionals are signalling, today’s interconnected business environment makes cyber attacks inevitable. However, foiling these attacks no longer requires draining manual cyber surveillance. At Generic Systems Australia , we’ve helped hundreds of business leaders and IT teams across the Asia-Pacific region rest easier, knowing that their valuable data is protected by the automated sentries of GoAnywhere with Advanced Threat Protection. We can do the same for you. It’s surprisingly affordable, and our Migration Services mean you can keep running your business without disruption as we you transition to a more secure approach. In fact, we’re so confident that the capabilities and business case for installing an MFT solution stack up that we’ll even offer you a zero-cost Proof of Concept. If you’d like to help take the load off your cyber security team, and explore how your organisation can automate its data transfer security, please feel welcome to contact me . I’m always happy to have an obligation-free discussion. At Generic Systems Australia , we’re your local experts in Secure Managed File Transfer. Previous Next

< News A Missing Piece in Your Cyber Security Strategy? 26 Mar 2024 Is Secure Managed File Transfer a “missing piece” in your company’s Cybersecurity Strategy? The Australian Federal Government has set its sights on making Australia a world leader in cybersecurity by 2030 and is currently drafting upgraded cybersecurity regulations. In the industry consultation period just ended, they flagged new cybersecurity legislation and amendments to the Security of Critical Infrastructure Act which would include: Secure-by-design standards for the Internet of Things; Mandatory ransomware reporting; and Upgraded protection for and risk management of critical corporate infrastructure. The new legislation reflects comments made by Attorney-General, Mark Dreyfus, in the aftermath of the 2022 Optus hack. He said “We need better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivise better behaviour. (E)xisting safeguards are inadequate. It’s not enough for a penalty for a major data breach to be seen as the cost of doing business.” With new legislation — and much bigger fines — imminent, now is the time to plug any potential gaps in your organisation’s cybersecurity strategy. Protect Your Data, Not Just Your Network Increasingly frequent cyber incidents prove that cybersecurity is not keeping pace with cyber threats. According to Forbes, “Companies keep pouring tons of money into protecting their network… but the real crown jewels are in the data that sits behind the network walls. That data is often not protected." It’s not enough to lock the door. An organisation’s crown jewels should also be kept in a vault. This ensures that, even if a hacker gets inside, they won’t be able to exploit the data they find. The vault is encryption. And the security guard that puts the jewels in the vault is Managed File Transfer (MFT). How MFT Secures Your Data To be truly secure, data must be protected not only when it’s stored, but also while it’s enroute to and from storage . MFT solutions such as the class-leading GoAnywhere MFT encrypt data at rest and in transit, complying with the highest data security standards across the US and Europe (e.g. HIPAA, HITECH, PCI DSS, SOX, and the GDPR). MFT manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols such as SFTP, FTPS, and AS2 to send files securely, and encryption standards such as Open PGP and AES to protect data in transit and at rest. The "Managed" in MFT MFT software automates and streamlines the exchange of data for you, reducing manual processes and eliminating the need for any legacy tools and scripts you might currently be using. Data (including documents, images, videos, and other files) can also be exchanged via MFT across your private networks, systems, applications, partners, and cloud environments from a single point of administration. More than Transfers MFT software isn’t only for sending files between users and systems. It can also automate business processes, ensure secure connections, track file transfer activity, and more… File Encryption GoAnywhere MFT employs integrated encryption technologies to secure sensitive data. It also includes a key manager which enables you to create, import, export, and manage your keys and certificates within the product. Automation User errors and manual processes can also cause data breaches. By automating the encryption and exchange of sensitive files, processes and workflows can run without user intervention — especially useful when dealing with a high volume of file transfers. Email Enhancement GoAnywhere MFT offers a secure email module which allows users to send one-off file transfers securely, through a HTTPS connection. Cloud Connections MFT can help you build better connections between your network and web/cloud applications. GoAnywhere MFT offers built-in cloud integrations with applications such as Dropbox, SharePoint, and JIRA, and popular cloud services including Amazon, Google and Azure. Auditing & Reporting GoAnywhere MFT provide audit reports to meet compliance needs. All file transfer and administrator activity is stored and easily searchable. For organisations that need to report on file transfer activity to remain compliant with regulations and laws, the audit logs can be automatically generated and distributed as PDF reports. These are just some of the many MFT features which can help you protect your files. Plugging in the Missing Piece With the Federal Government soon to unveil its new cybersecurity legislation, now is the time to get ahead of requirements and explore how MFT can enhance your data’s security at rest and in motion. Arrange a free MFT trial and see how it works in your organisation. The benefits are almost immediate, from file transfer automation to solid data encryption. A data breach need not be a given for your organisation. By adding the missing MFT piece to your Cybersecurity Strategy, your valuable data can remain out of reach of cyberthieves. If you’d like to discuss how MFT can complete your organisation’s Cybersecurity Strategy, please feel welcome to contact us . We’re always happy to have an obligation-free discussion, explain how quickly and easily we can transition your organisation to the class-leading MFT solution, and offer you a zero-cost Proof of Concept. At Generic Systems Australia , We’re Your Local Experts in Secure Managed File Transfer! Previous Next

< News Fast OR Safe...? File Transfers can be both! 17 Mar 2024 Sending files externally...? Now it can be both Safe AND Easy! There was a time when ensuring your organisation’s file transfers were safe was a hassle… time-consuming, inconvenient, and requiring specialised technical skills. Thankfully, that’s no longer the case. Ensuring your precious data can be safely shared within your organisation and with your external trading partners need no longer be complicated. In fact, the best data technologies save you time and money, and make data exchange easy . Here’s how. The Fast and the Fraught Hitting “send” is an everyday routine for most employees. Sending files to suppliers and customers is as easy as a couple of mouse clicks. However, each of these thousands of daily data transactions is a potential target for cybercriminals. The more ad-hoc and varied the file transfers, the greater the risks. Too often, organisations only realise their need for a more robust approach after they’ve experienced a costly data breach. Other times, data vulnerabilities become apparent when organisations want to start trading with partners who employ more stringent data safeguards... particularly in industries where there are strict data compliance requirements, such as healthcare, finance, transportation and defence. Failure to adhere to an industry's data security regime can lead to hefty fines and sanctions for both parties to the transaction. Solving for Ease AND Security Solutions such as managed file transfer (MFT), data loss prevention (DLP), data classification, and email security can automatically secure your organisation’s data, while simultaneously keeping your business humming. Better still, by automating thousands of routine file transfers, the best solutions increase an organisation’s efficiency by saving employees’ time and enabling them to focus on higher value-added work. How to Get Started In our experience, few organisations begin with a completely clean slate and zero data protection measures in place. Usually, some enterprising individuals will have independently employed varying degrees of security using free or low-cost consumer file transfer tools. Other employees may believe – incorrectly – that they’re securing their data by simply applying files’ “read-only” settings. A few may have gone a step further and narrowly limited who has access to their department's data. Unfortunately – aside from the inherent risks of using multiple incomplete and incompatible security approaches – siloed security measures like these can also inadvertently remove resources that knowledge workers need to conduct business. As a result, organisational efficiency is impeded, with critical information becoming too slow or difficult to access. A Holistic Approach to Data Exchange At Generic Systems Australia we help organisations embrace a whole-of-business approach which reduces risk and makes data more secure while keeping your business operations and relationships running smoothly and efficiently. A good starting point is considering the impact security policies and practices have on your customer and vendor relationships: How would a data breach impact your business’s reputation, bottom line and supplier relationships? Do the policies and tools you currently use hinder your employees’ effectiveness, efficiency and productivity? Could new technology speed up the actual delivery of critical information? Could new technology be simple enough to use that most employees could readily adopt it? The Human Factor The best data security measures are invisible and automated . We’ve found that the less organisations need to rely on employees to change their behaviour, the better the risk mitigation. But even so, educating employees on data security should be an element of an improved approach. Start by explaining why you need to put in place the new policies or tools. Employees who understand the high stakes of data theft and compliance breaches are much better disposed to taking ownership of managing data transfer risks. Then focus on education. By equipping your various department heads and business process owners with knowledge about secure data exchange approaches, you can help them make the right choices when they liaise with their various supply chain partners. A multi-phase approach, leveraging middle managers and key influencers in your organisation to champion best practices, is often best. Automatically Securing Everyday Data Ideally, we want our employees to be able to safely send and receive emails and attachments without the need for them to take any additional, time-consuming steps. MFT, DLP, data classification, and email security make that possible through advanced levels of automation. In combination, these technologies examine each data transfer event and thoughtfully apply policies such as encryption, auditing, user and recipient validation, redaction, etc. This way, employees do not have to manage any of those activities, and the data transfers are performed quickly, efficiently and securely. As workforces and their workplaces become physically more dispersed – sometimes in the office, sometimes from home, sometimes from a local café – this automated approach becomes more and more beneficial. Not only does it accelerate and streamline the process of transferring data, it also reduces the risk of human error. Out of Sight, Out of Mind? Data exchange is like the human circulatory system - unseen, but absolutely critical to your organisation’s ongoing vitality. Protecting and enhancing it is both necessary and worthwhile. At Generic Systems Australia, we’ve observed that moving to a more automated, secure and efficient approach can sometimes be stalled by the very “bloat” we discussed earlier. Taking out the too-many tools which have sprung up across an organisation’s silos can seem too complicated and time-consuming to tackle. However, there is an easy and relatively inexpensive way forward… A centralised tool, such as the class-leading GoAnywhere MFT with its dashboard-style interface, can provide a holistic approach. Rather than having separate tools for encryption, auditing, reporting and automating file transfers, GoAnywhere can handle it all. It even scales as your business grows. If you’d like to discuss making your organisation’s data transfers safer and easier, adding to your organisation’s productivity and bottom line, please feel free to contact our Business Manager, Bradley Copson, ( mail to: bradley@gensys.com.au ). He’ll be more than happy to offer you an obligation-free discussion, no-cost trial, or Proof of Concept. At Generic Systems Australia, we're your local experts in Secure Managed File Transfer. Previous Next

< News Automate File Transfers to Boost Team Efficiency 17 Mar 2024 Dodge the Drudgery – Automate Your File Transfers Manually sending files around your organisation, and to external trading partners, is a tedious and time-consuming aspect of many employee’s lives. However, it needn’t be. You can help your team dodge the drudgery via file transfer automation software. This software enables your team to program when files should move between internal systems, other team members, or trading partners, and is often used to manage reoccurring or high-volume file transfers. Your team is freed up to focus on other business-critical tasks. Read on to find out how… The Leading Solution GoAnywhere MFT is the world’s leading secure FTP (SFTP) file transfer automation software. It enables users to quickly automate file transfers and schedule workflows, using its built-in scheduler or your existing scheduler software. Within GoAnywhere's browser-based administrator, users can also automate their workflows by executing projects with a single click. GoAnywhere MFT can execute multiple workflows concurrently, through its job management system. Administrators can define multiple job queues, grouping workflows that share common characteristics or service level agreements. Each job queue can define the priority of their jobs as well as the maximum number of concurrent jobs that can be executed from the queue. All these job queues can be managed and prioritised through GoAnywhere's Administrator interface. Built-In Schedulers With the built-in scheduler you can execute Projects (workflows) at future dates and times. Projects can run just once, or with any recurring frequency you choose. You can also define custom calendars with specific holidays or dates that are important to your organisation, or to avoid scheduling a job on a specific day. Schedules can be further personalised by specifying them to run under specific users, or with start dates, frequencies and other over-riding variables. You can also indicate the email addresses to be alerted when a Project has completed, or encounters any problem. Unlimited File Sizes Large files are no problem for GoAnywhere MFT, or its email add-on GoAnywhere Secure Mail. It enables you to send large files as secure packages on an ad hoc basis, as well as send multiple large files. Even large files transfers won’t choke... GoAnywhere provides auto-resume and integrity checks to keep big files moving, even when it encounters network connectivity challenges. Robust Audit Logs and Reporting Staying compliant with various industry regulations or privacy laws is easier with GoAnywhere MFT. You can generate comprehensive audit logs of all file transfer and administrator activity, including workflow and file server auditing and administrator logging. This data is captured for activity in GoAnywhere servers for AS2, FTP, FTPS, HTTPS, and SFTP, and it includes details on log in attempts, file uploads and downloads, errors, and other events. Reports can be quickly generated, viewed, filtered, sorted and exported as needed. Executing Projects Workflows can also be automated, executing whenever a file monitor detects new, modified, or deleted files in targeted folders. Workflows can be called from local and remote command lines, scripts, and programs using the provided commands and APIs. Workflows can additionally be called as Web Services using SOAP or REST requests. To execute Workflows based on user activity, triggers can monitor for events like when a file is uploaded or downloaded. Workflows can be executed in Debug mode, which enables users to interactively execute tasks one step at a time. At each stopping point, the values for the variables can be viewed or changed before the next task is executed. If you’d like to discuss how your organisation’s file transfers can be automated, adding to your productivity and bottom line, please feel free to contact our Business Manager, Bradley Copson, (mail to: bradley@gensys.com.au ). He’ll be more than happy to offer you an obligation-free discussion, no-cost trial, or Proof of Concept. Generic Systems Australia Your Local Experts in Secure Managed File Transfer Previous Next

< News Understanding your organisation’s obligations for protecting Personal Identifiable Information 19 Nov 2024 With the Australian Government’s imminent introduction of new cyber security legislation, it’s becoming more important than ever to understand your organisation’s legal responsibilities for protecting Personal Identifiable Information (PII). What is PII? The Australian Signals Directorate (ASD) – Australia’s top government cyber security agency – says that personal data includes a broad range of information that could identify an individual. That may include an individual’s: Name Date of birth Address Medical records Racial/ethnic origin Political opinion Religious beliefs Gender Sexual orientation or practices Criminal record Payment details Email address Password License Photo Video Phone number Passport Employment information Biometrics, such as voice prints and facial recognition The Office of the Australian Information Commissioner (OAIC) extends that definition even further, saying it can include: Signatures Credit information IP addresses Trade union membership and associations Genetic information The OAIC cautions that sensitive information has a higher level of privacy protection than other personal information. It includes in that definition race and ethnicity, political opinions and associations, religious and philosophical beliefs, trade union membership and associations, sexual orientation and practices, criminal record, health or genetic information and some aspects of biometric information. Importantly, personal data is often greater than the sum of its parts. When seemingly innocuous data is aggregated or combined, it can be used to form a more complete picture about an individual. What Existing Laws Require The Privacy Act 1988 sets out how organisations must handle personal information, and applies to organisations with an annual turnover of more than $3 million, unless they’re a small business operator, registered political party, state or territory authority or a prescribed instrumentality of a state. Some small business operators do have obligations under the Act. These include: private sector health service providers businesses that sell or purchase personal information credit reporting bodies, contracted service providers for the Australian Government employee associations businesses accredited under the Consumer Data Right System businesses that have opted-in to the Privacy Act businesses related to a business covered by the Privacy Act businesses prescribed by the Privacy Regulation 2013 . New Obligations Incoming In October 2024, The Australian Government introduced to parliament the Cyber Security Act 2024, Australia’s first standalone cyber security legislation. If passed as expected, this new Act will impose new compliance and reporting requirements on Australian businesses. The Act is designed to address seven initiatives within the 2023-2030 Australian Cyber Security Strategy , including: • Mandating minimum cyber security standards for smart devices • Mandatory ransomware reporting for certain businesses to report ransom payments • A ‘limited use’ obligation for the National Cyber Security Coordinator and the Australian Signals Directorate • Establishment of a Cyber Incident Review Board. The legislation will also progress and implement reforms under the Security of Critical Infrastructure Act 2018 (SOCI Act) : • Clarifying existing obligations in relation to systems holding business critical data • Simplifying information sharing across industry and Government • Introducing Government powers to direct entities to address serious deficiencies within their risk management programs • Moving regulation for the security of telecommunications into the SOCI Act . Legal firm A&O Shearman cautioned that the new Cyber Bill will introduce several new critical areas of compliance and reporting. It advised businesses to take heed of these new obligations, and ensure they put in place robust cyber security measures. • Ransomware Reporting Obligations: Entities impacted by cyber security incidents and making ransomware payments must report these payments within 72 hours. • Security Standards for Smart Devices: The Cyber Bill mandates that manufacturers and suppliers of smart devices comply with specified security standards. • Protected or Limited Use of Incident Information: The Cyber Bill includes provisions to ensure that information provided about cyber security incidents is used or disclosed only for permitted purposes, with strict limitations on using this information for civil or regulatory actions against the reporting entity. • Cyber Incident Review Board: The new Board will review certain cyber security incidents and make recommendations. It will have the authority to require documents. A&O Shearman said organisations should make sure they implement security standards in compliance with the specified security measures currently provided for in the Cyber Bill, and make sure they can comply with the ransomware reporting obligations, including the timelines foreseen in the Cyber Bill. ASD Advice on Data Security Practices ASD says that, for businesses to be confident they’re employing appropriate data security practices, they should consider implementing these measures: Create a register of personal data Limit personal data collected Delete unused personal data Consolidate personal data repositories Control access to personal data Encrypt personal data Back up personal data Log and monitor access to personal data Implement secure Bring Your Own Device practices Report a data breach involving personal data ASD warned that “businesses cannot afford to forgo investing in their security, and risk compromising the security of their customers’ personal data. The prevalence of data breaches and ransomware attacks underscores the importance of sound security practices. Businesses cannot afford to assume that they will not be targeted. Investing in security proactively can be far more cost effective than having to manage the repercussions and costs of a major data breach”. Solutions to Help Meet PII Obligations Cyber criminals succeed when organisations don’t adequately protect their data transfers and systems access. Keeping the thieves at bay requires a multi-layered strategy, including robust data transfer protection, multifactor authentication and employee training. Managed File Transfer (MFT) solutions such as the class-leading GoAnywhere MFT encrypt data at rest and in transit, complying with the highest data security standards. MFT manages inbound and outbound file transfers across an organisation, using industry-standard file transfer protocols such as SFTP, FTPS, and AS2 to send files securely, and encryption standards such as Open PGP and AES to protect data in transit and at rest. GoAnywhere MFT also provides audit reports, which will help organisations meet the new reporting and compliance needs. All file transfer and administrator activity is stored and easily searchable. To help organisations report on file transfer activity and remain compliant with the new legislation, these audit logs can be automatically generated and provided as PDFs. Advanced Threat Protection adds a further layer of defence. SFT Threat Protection enables safe collaboration with external parties, preventing malware from entering an organisation, and reducing the risk of employees losing or mishandling sensitive data. Local Experts Here to Help Generic Systems Australia are your local experts in Managed File Transfer solutions. We’ve assisted dozens of organisations across the Asia-Pacific region to secure their data and keep cybercriminals at bay. If you’d like to discuss improving your cybersecurity, please feel welcome to contact me, Bradley Copson . I’m always happy to have an obligation-free discussion, explain how simply we can transition you to the latest software and approaches, and even offer you a zero-cost Proof of Concept. Previous Next

< News Local Businesses most at risk of Phishing Attacks: study 9 Apr 2024 A new study has found that employees in the Asia-Pacific region are more likely than any others worldwide to unwittingly expose their organisation to cybercrime. Fortra's newly-released study found 10% of employees worldwide will open a ‘phishing’ email sent to them. In Asia-Pacific, that number climbs to 14.9% – worse than any other region. Even more concerningly, 61% of those who fall for a bogus email will go on to disclose their password. The results of the experiment demonstrate the serious ongoing threat to local organisations posed by employees who are either uneducated on cybersecurity threats, or unmotivated to mitigate those risks. If you would like a copy of Fortra's report on the study, including helpful advice on how to address your cybersecurity challenges, please let me know – I’ll be happy to send you a copy. #mft #managedfiletransfer #sft #securefiletransfer #cybersecurity Previous Next

< News The Hardest Question About Your Organisation’s Cybersecurity 18 June 2024 It’s the question every IT manager dreads. “How did you let this happen?!” And the worst time to be asked it is after your organisation has become the latest victim of a cybercrime. Here’s how to avoid it ever being asked… Anxiety Rising Boardroom anxiety about the protection of customer data has been growing across the country. High profile incidents such as the ransomware attacks on Optus and Medibank Private have sensitised the senior leaders to both the risks and costs of negligence. CEOs and CIOs are being quizzed: “Is our organisation doing enough to avoid becoming the next negative headline?” Incidents Rising The most recent report by the Australian Signals Directorate (ASD) showed that cyber attacks are happening far more frequently. On average, a new report is received every six minutes - a 23% increase year on year. One in 5 critical vulnerabilities was exploited within a mere 48 hours. The ASD warned that cybercriminals are constantly evolving their operations against Australian organisations, fuelled by a global industry of access brokers and extortionists. Thousands of businesses failed to fulfil their obligation to protect sensitive customer data, and millions of Australians had their information leaked on the dark web. Costs Rising Also troubling the C-suite is that the costs to businesses of “cyber negligence” are escalating rapidly. The ASD says the cost of cybercrime to businesses has increased by 14% compared to the previous financial year. However, direct financial losses are just one part of the broader costs of “cyber negligence”. For example, Medibank Private’s share price plunged more than 20% in the weeks following its loss of the personal information of 9.7m Australians. The company is facing class actions by both shareholders and consumers alleging breaches of the company’s duty of care to protect consumer information, manage risks and make timely disclosures to shareholders. Optus Communications saw its customer growth halved after its systems were breached. A class action by Slater and Gordon alleges that “Optus failed to protect, or take reasonable steps to protect, the personal information of its current and former customers”. In response to rising consumer concerns, Australia’s Attorney-General, Mark Dreyfus, has flagged “better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivise better behaviour”. Reflecting the growing risks and costs of cybercrime, cyber insurance premiums are also rising. Email: the Critical Vulnerability According to the Australian Signals Directorate, Business Email Compromise (BEC) remains a key vector for conducting cybercrime. A form of email fraud, cybercriminals target organisations and scam them out of money or goods by tricking employees into revealing important business information, often by impersonating trusted senders. BEC can also involve a cybercriminal gaining access to a business email address and then sending out spear phishing emails to clients and customers for information or payment. IT Managers Stepping Up Responding to these trends, responsible IT Managers are increasingly focussed on preventing their organisations from becoming the next headline victim of cybercrime. In a survey conducted recently by Tenable, IT leaders said that, while the ability to respond to and recover from cyber incidents remained essential, they’re now focusing more on preventing such incidents altogether. The Best Answer to the Hard Question A proactive and layered strategy for storing, transferring and securing data is essential for keeping cyberthieves at bay. Secure managed file transfer, secure content engines, secure digital rights management, and employee education combine to create the optimal way to prevent data theft and cyber breaches. At Generic Systems Australia , we recommend the class-leading secure managed file transfer solution, GoAnywhere MFT , to keep data safe - at rest, and in transit. Coupled with our Advanced Threat Protection Bundle , we enable organisations to safely collaborate without exposing their systems to the risk of malware gaining a foothold within their IT systems. Seamless integration between GoAnywhere MFT and the Clearswift Secure ICAP Gateway provides anti-virus and malware protection, deep inspection of the content inspection, adaptive data loss prevention, and media type protection. Together, they provide three key defences. 1. Prevents file containing malware from being shared. GoAnywhere provides easy anti-virus protection through the Secure ICAP Gateway to scan all inbound file transfers. It can also detect and automatically strip out active content like embedded malware, triggered executables, scripts, or macros used to extract or hold sensitive data hostage. Advanced Threat Protection “sanitises” files and emails without delaying delivery, guarding against today's leading malware and ransomware (e.g. CryptoLocker, CryptoWall, TorrentLocker, Dridex Dyre, BlackEnergy, etc.) and tomorrow's even more sophisticated threat variants. 2. Blocks sensitive data from being shared. Files with Personal Identifiable Information or other sensitive data can be prevented from being transferred. GoAnywhere Threat Protection can inspect file contents, then stop and block files from being shared, based on policies you define. 3. Redacts sensitive information from files before transfer. Advanced Threat Protection can ensure sensitive data is neither transmitted nor received, detecting and/or removing geotags, document properties, email addresses, and other metadata from documents, and replacing sensitive text with asterisks. Using Optical Character Recognition, it can even remove text contained in scanned images. No question: 'Prevention' is Better than 'Cure' Cyber attacks are inevitable . However, falling victim to them is optional . If you’d like to learn more, and be able to comprehensively reassure your Board about the steps you’ve taken to protect your business’s data, reputation and bottom line, please feel welcome to get in touch with me, Bradley Copson ( mailto:bradley@gensys.com.au ). I’m always happy to have an obligation-free discussion, and even offer you a zero-cost Proof of Concept. At Generic Systems Australia , we’re your Local Experts in Secure Managed File Transfer. Previous Next

< News How to Protect Your Customers’ Personal Identifiable Information 8 Nov 2024 Protecting customers’ Personal Identifiable Information (PII) has fast become a critical duty of care for every organisation. What is PII, and why is it valuable? PII includes information such as Tax File Numbers, Medicare numbers and other health records, credit card details, student addresses and more. Cybercriminals attempt to access PII for financial gain, either directly – by selling it to data brokers on the dark web – or indirectly, by identity theft. Stolen PII can be used by hackers to open bogus credit card and bank accounts, and to socially engineer attacks using methods such as phishing and ransomware. Organisations need to zealously protect the PII provided to them by customers – not only for the sake of maintaining trust, but also to guard against heavy sanctions for non-compliance by regulators such as ASIC and the ACCC. And those compliance requirements are ramping up. Just last month, Australia’s federal government introduced legislation to parliament which will revolutionise Australia’s cyber security preparedness by imposing new protection standards and reporting requirements on local businesses. International Obligations However, compliance requirements for the protection of PII don’t stop at our national borders. For example, businesses with customers in Europe need to comply with the EU’s General Data Protection Regulation. Local businesses trading in the US need to comply with America’s Health Insurance Portability and Accountability Act, Federal Information Security Management Act, Payment Card Industry Data Security Standard, Gramm-Leach Bliley Act and California Consumer Privacy Act. Rising Risks and Impacts Recent statistics demonstrate the growing risk and significant impact of PII data breaches. Verizon’s Data Breach Investigation Report for 2024 shows that some 60% of data breaches involve some form of personal information. And IBM’s 2024 Cost of a Data Breach Report revealed the global average cost of a data breach now exceeds A$7 million. Protecting PII Stepping up to the needs of PII guardianship requires both technology solutions and sound business practices. Layered defences, with integrated solutions that address encryption, threat protection, and data loss prevention, enable safe collaboration without risking malware, mishandled data, breaches and non-compliance. Given most breaches involve a human element, technology solutions need to be automated and easy for employees to use. Software needs to be able to manage: How access to data is granted; How access is authenticated; How access is tracked and controlled; and How access be speedily revoked, when needed. Layered Protection A standalone managed file transfer (MFT) solution – such as GoAnywhere MFT - is a great first layer of defence. It provides security for files at rest and in-transit. However, integrating Threat Protection as an additional layer enables you to take appropriate action when there’s PII in the data moving in and out of your organisation. Based on rules you predefine, our Advanced Threat Protection Bundle can mask, remove, or permit PII to be moved within your organisation and beyond, via a Secure ICAP Gateway. Medical Case Study A medical enterprise needed to transfer attachments between employees and trading partners containing detailed billing information. They had long used a managed file transfer solution to exchange patient records within and outside the organisation. However, they realised they needed to further safeguard patients’ PII via deep content inspection. The organisation integrated GoAnywhere MFT with Secure ICAP Gateway, adding anti-virus protection as well as structural “sanitisation” of files being transferred. Their combined MFT/Advanced Threat Protection now works to: Inspect for malware and viruses; Intercept content based on threat protection and data loss prevention requirements; Run rule sets such as renaming, script removal, keyword searches to control if content is allowed in or is blocked; and Sanitise PII content to permit ongoing transfer (or block it, if content cannot be adequately sanitised). Thanks to layered protection, the organisation can now exchange patient records free from viruses and malware, while only disclosing a use-appropriate level of PII. Controlling PII Disclosure Adding granular rules-based controls to data handling is the “killer feature” of Advanced Threat Protection. For example: You can permit some specified individuals to transmit PII, but not everyone. You can apply role-based access to PII. You can audit who is sending what information. GoAnywhere MFT’s encryption can be enhanced by limiting who can transfer PII data and what that data contains. The automatic detection and sanitisation of files removes some of the human factor risks so that employees can focus on their work instead of fussing with manual interventions. Augmenting technical solutions with employee training further reduces human factor risks. Here to Help Generic Systems Australia are the Asia-Pacific region’s experts in deploying Managed File Transfer and Advanced Threat Protection. We’ve assisted dozens of organisations to protect their PII and secure their file transfers, while keeping their businesses running smoothly. If you’d like to discuss how we can help you, please feel welcome to contact me . I’m always happy to have an obligation-free chat and explain how simply we can transition you from outdated protocols and approaches. I can even arrange a simple, zero-cost Proof of Concept. Previous Next

< News 5 Signs You Need a Managed File Transfer Solution 14 Nov 2023 5 Signs You Need a Managed File Transfer Solution Does your organisation rely on transferring sensitive data between employees, customers and trading partners? Most do. And that means just one wrong move by an employee – for example, failing to encrypt a sensitive file – could land you with a huge fine, and lose you customers. So it’s worth spending a moment considering how your team is performing the regular, essential task of moving data around. And, to ask the key question: “Is it time I installed a better, safer and more efficient way to transfer data?” Here are some of the key signs that your business is ready for a Managed File Transfer solution. Sign 1: Still Using Outdated Ways to Send Data A surprising number of organisations still rely on outdated protocols and clunky scripts to move precious data around. However, as I explained in a recent article, these legacy methods increase the risk of human error, take time away from more critical tasks, and are difficult to maintain. A Managed File Transfer (MFT) solution like GoAnywhere MFT is easy to use, easy to audit, requires little maintenance, and removes manual tasks from your stretched IT team’s To Do list. Sign 2: Targeted by Cybercriminals Ask your IT team how much growth they’re seeing in attempted cybercrime incursions. Frightening, isn’t it!? With hackers escalating their efforts to extort your business and customers, it’s more essential than ever to secure your data and maintain a ‘circle of trust’ with your supply chain partners. A leading MFT, such as GoAnywhere MFT, employs the latest encryption algorithms to reduce the risk of data breaches during transit. Features like Access Controls, and Multi-factor Authentication, safeguard sensitive information from unauthorised access. Sign 3: Need to Comply with Government & Industry Regulations In response to escalating cybercrime, governments and industry regulators are imposing ever greater requirements on business to ensure they protect consumers’ personal data. From health data (hospital records, test results), to banking data (debit and credit card numbers, bank account details), to identity data (home address, government id), businesses that fail to take responsible measures to protect sensitive data face growing sanctions. Even worse, a breach may not only cost your organisation time and money to remediate, it may ruin your reputation. A leading MFT, such as GoAnywhere MFT, helps ensure your file transfers comply with regulatory requirements such as PCI DSS, HIPAA, HITECH, and GDPR. Features like auditing, reporting, role-based access, secure protocols, centralised security controls, encryption, and key management protect employee and consumer data from harmful security mishaps. Sign 4: Need to Exchange Data in the Cloud Many organisations are moving business processes to the cloud, and now need to exchange files with trading partners in the cloud. But how can transfers to and from the cloud, over public telecommunications networks, be protected? From streamlining and automating cloud file transfers to platforms like Amazon Web Services, and Microsoft Azure, to integrating with popular web and cloud services like SharePoint and Google Drive, working with a partner in the cloud using an MFT is a smooth, reliable and safe process. Sign 5: Need to Adapt to Changing Network Conditions Research by Rand Group found that a single hour of system downtime can cost a medium-sized business a six figure sum. As organisations and trading partners become increasingly integrated, it’s critical that file transfers are performed without delay or disruption. Whereas a document containing a batch of important transactions may once have been delivered over several hours, today’s fast pace of business requires it to take mere seconds. An enterprise-calibre file transfer solution should have a high availability plan in place. The right solution will provide active-passive and active-active (i.e. clustering) methods for organisations who need to keep their processes running no matter the situation at hand. Clustering provides the best high availability by running multiple servers simultaneously. Therefore, if one goes down, file transfers and workflows will continue to run on other servers so communication with your trading partners won’t be interrupted. Seen the Signs…? If you’ve observed any of the above warning signs in your business, it may be time to consider upgrading to a secure MFT such as GoAnywhere. The acknowledged leading Managed File Transfer offering, GoAnywhere is an all-in-one solution, automating and encrypting file transfers from a centralised dashboard. It not only simplifies the completion of critical business initiatives, but also reduces the time spent on manual file transfers and in-house processes. GoAnywhere saves businesses time, money, and reputation. If you’d like to learn more about how GoAnywhere MFT could add to your organisation’s bottom line, please feel free to contact me ( bradley@gensys.com.au ), or read more at the Generic Systems Australia website. I’d be happy to offer you an obligation-free discussion, no cost trial, or Proof of Concept. Bradley Copson, Business Manager, Generic Systems Australia “Local Experts in Secure Managed File Transfer” Previous Next