27 Sep 2022
With the Reserve Bank of Australia officially warning cyber attacks are ‘highly probable’ and could undermine the confidence in the financial industry, the sector is on notice to be vigilant against the risk of data breaches.
The first step is to understand the lifecycle of a data breach, which can cause not only data loss but also system downtime as well as reputational and financial damage.
" Having strong defensive measures in place and an appropriate budget for cybersecurity will help to prevent potential attacks."
The lifecycle of a data breach will vary depending on the type of the attack, existing cybersecurity measures in place, the size of the organisation and network environment, however it is typically split into five different stages, outlined below.
Despite the possible variations, a recent report by IBM reported the average global data breach lifecycle was 287 days in 2021. This means many breaches go unnoticed for months, with 212 days between the breach and its identification and containment. For Australia specifically, the length of time was even longer, with an average lifecycle of 311 days.
According to Mimecast’s State of Email Security report 2022, 77 per cent of Australian companies were impacted by a ransomware attack in 2021, up from 64 per cent the previous year, and 89 per cent of companies are reported to be bracing against the potential fallout from email-borne attacks.
The increase of hybrid and remote working since the pandemic has also increased the chances of longer-tail attacks, with organisations that have over half of their staff working remotely taking roughly eight weeks longer to resolve a breach.
Having strong defensive measures in place and an appropriate budget for cybersecurity will help to prevent potential attacks. While spotting an attack between the first and second stage is a win, the overall goal should be to achieve strong cyber resilience.
A strong cybersecurity posture will make each stage identified above harder for attackers to be successful. Methods such as using data discovery tools to identify risky posts, ensuring software and hardware are patched, using threat intelligence to identify risk, and using zero-trust measures will all help to secure a well-built cybersecurity posture.
It’s also important for employees to take responsibility, as cyber is becoming a companywide issue. According to Mimecast research, 8 out of 10 Australian respondents believe their company is at risk due to inadvertent data leaks by careless or negligent employees.
With this in mind, it is critical to have security awareness training in place regularly for all employees, particularly noting the dangers of oversharing and reinforcing social media guidelines.
Garett O'Hara is APAC Field CTO at Mimecast
The views and opinions expressed in this communication are those of the author and may not necessarily state or reflect those of ANZ.
27 Sep 2022
10 May 2022