Australia is experiencing increased volumes of cyber-attacks, but why?
Our mandatory reporting regulations may be inflating comparative figures, however ongoing failure to develop systemic and mature risk management controls is at the heart of the issue.
So-called ‘threat actors’ are increasing their focus on Australia, increasing ransomware and financial attacks as clients are identified as vulnerable, based on having “weak cyber hygiene”.
Small to mid-sized business, and their third-party trading partners remain the most exposed group. Business email compromise, credential theft and ransomware remain the most common types of cyber incursions suffered by small to medium business.
Alarmingly, managed service providers are becoming an increasing focus of attacks – think your IT provider, for example. These third-party organisations often have access to multiple organisations and are therefore seen as a rich target. When compromised, threat actors can access end user infrastructure and systems, increasing the scope of their attack, when successful. This further highlights the vulnerability of your cyber supply chain and relationships.
As Risk Managers and Brokers, we encourage take advice from qualified parties who can help you to:
1. Constantly monitor, identify, and evaluate your evolving vulnerabilities
2. Implement effective controls and risk mitigation tools, such as multi-factor authentication and email filtering
3. Be aware of your potential third party and supply chain exposures
4. Create an Incident Response Plan including communications
5. Secure sufficient, appropriate cyber risk insurance
Northern Strength is fortunate to have a strong network of parties that can assist you to understand and address your cyber risks. Please contact Paul if you would like us to make an introduction.