Alkon Cyber is an Australia-based Security firm that is leading the pack when it comes to adequately assessing small to medium businesses’ IT Security. In line with ACSC recommendations as well as the rising number of cybercrime incidents, it has never been more important to safeguard sensitive information, confidential customer data and private financial details.
Law firms, insurance agents, tax consultants, accountants, real estate companies, banks, financial lenders and brokers, and any business owners who hold a database of confidential client information, are required to meet the conditions of government regulations.
High-tech activity characterizes the way businesses use and share information, but the digital world is under attack, with network breaches and cyberthreats happening hundreds of times a day in Australia and throughout the world. It is irresponsible not to protect and secure business information accordingly.
According to cyber.gov.au, the most recent annual report states that the ACSC received over 67,500 cybercrime reports, an increase of nearly 13% from the previous financial year. That equates to one reported cyber-attack every 8 minutes, with a higher proportion of these incidents categorized as having a ‘substantial impact’. And these are just the reported cases.
WHAT THREATS EXIST TO AUSTRALIAN BUSINESSES AND CLIENTS?
Leaked information – Cyber hacking, back door entry, and stealing of sensitive information from your database and online systems
Ransom demands- Threats of theft or distribution of information, computer downtime, and costly random payment demands
Hostile Code – Implantation of software viruses into computer systems causing varying degrees of damage
System Disabling – Destroying the operating system and in turn, the ability to function productively as a business
Phishing- Planting illegal software on the computer which transmits passwords for unauthorized access to a user’s system
Alkon Cyber Security, formed in Israel by expert IT leader Omer Yerushalmi has recently opened a branch in Australia to service the growing need for A-grade cyber security. Beyond the day-to-day monitoring and intelligent upgrading of software and systems, Alkon also provides essential ‘employee education’ to empower personnel to practice safe digital behavior and recognize any red flags. Michael Ben-Zaquen, Senior manager of Alkon Australia says, “From what we have seen in the last six months, hackers are getting more creative and business owners are not prioritizing cyber security. This is a dangerous combination. It doesn’t cost much to arrange a ‘health-check’ of business IT security, but it is invaluable for all parties.”
“It seems that Melbourne businesses recovering from COVID are simply overlooking this aspect of their operation, especially small to medium businesses. The outcome of cybercrime can be devastating,” Michael advises.
REGULATORY GUIDELINES EXPLAINED
The Australian Cyber Security Centre (ACSC) which leads the Australian Government’s efforts to improve cyber security, advises that Cyber security is everyone’s responsibility, and provides specialized advice about how to protect your business online.
In unison with other worldwide organizations, the ACSC outlines what a cyber security company and its customers should do to ensure best practices when handling and securing sensitive business and customer information.
Prevent initial compromise – Improve the security of vulnerable devices, protect internet-facing services, defend against brute force and password spraying, and safeguard against phishing attacks.
Enable/improve monitoring and logging processes – It can be months before cyber incidents are detected, so it is important to store logs for at least 6 months. Security providers should implement endpoint detection and network defense monitoring
Enforce multi-factor authentication (MFA) – To secure remote access applications, businesses should use 2FA or MFA across all customer services and products as well as for privileged internal accounts
Manage internal architecture risks and segregate internal networks – The security provider should assess systems and strategically segregate the networks, isolating critical business systems where appropriate, to reduce the impact of a cyber-attack or compromise.
Apply the principle of least privilege – In small to medium businesses, and of course in large-scale organizations, it is essential to assign relevant privileges to internal personnel using a tiered model. Additionally, certain devices can be set up to relevant access levels. For those will full privileges, time-out settings can be applied.
Deprecate obsolete accounts and infrastructure – Regular or periodic review of user accounts when personnel transition, as well as network infrastructure, audits to identify and disable unused services and systems.
Apply Updates – Software, including operating systems, applications, and firmware should be periodically updated. Priority should be applied to the software containing known exploited vulnerabilities
Backup systems and data – Update and test backups on a regular basis to ensure ease of critical system rebuilding in a cyber crisis. Storing these backups separately is recommended using encryption backup technology, which is the only full-proof way to safeguard against ransomed file attacks
Understand and proactively manage supply chain risk – Cyber security companies inevitably need to adopt programs and services designed by third-party vendors and subcontractors. This needs to be communicated with customers and proactively managed throughout the contract term.
Promote transparency – Both the security provider and the organization are obligated to be responsible for safeguarding the business to the best of their abilities.
As the cyber-crime crisis facing organizations in Australia continues to bring businesses to their knees in a matter of minutes, it is critical to stay sharp. Onboarding a professional cyber security company like Alkon Cyber Security will minimize the risk of business downtime, leaked information, and ransom demands.