Malware. Trojan Horses. Phishing. No, we aren’t talking about animals or recreational activities, but rather examples of cybersecurity threats that ALL entities are exposed to. If you haven’t already, now is the time to implement controls to help your business manage cybersecurity risks.
What are examples of cybersecurity threats?
Unusual terms aside, cybersecurity threats can result in extended periods where business critical systems are unable to be used, loss of data, data breaches, misappropriation of funds, and numerous other events that negatively impact your business.
How does it impact my business?
Did you know that near 90% of cybersecurity attacks are opportunistic rather than targeted? Cybersecurity threats will look to expose weaknesses in networks and IT controls, and do not just target specific or larger organisations. Additionally, according to Symantec, Australia is in the top 10 countries for ransomware attacks.
Adding to the potential damaging reputational risks associated with a cybersecurity attack, the Notifiable Data Breach scheme was introduced in Australia from 22 February 2018. The scheme applies to businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients, among others. This is in addition to the existing personal information security obligations under the Australian Privacy Act 1988, and requires individuals to be notified if their personal information is involved in a data breach that is likely to result in serious harm.
No matter what size, ALL entities are exposed to cybersecurity threats.
What can I do to manage cybersecurity risks?
There a number of steps you can take now to manage cybersecurity risks including the development of a cybersecurity framework that can include:
- Developing policy
- Educating staff
- Implementing processes and controls
- Use two-factor authentication (2FA) everywhere you can
These can be as simple as ensuring anti-virus software is installed and up to date, software is appropriately patched, and password controls are strong. By actively recognising cybersecurity risks, you can ensure a cybersecurity framework is installed to manage these risks, to help your business, move forward.