Rising cybercrime in Australia prompts better cyber hygiene
Rising cybercrime rates in Australia, with incidents occurring approximately every six minutes, are driving organisations to adopt enhanced cyber hygiene practices to mitigate threats and financial impacts.
The Australian Signals Directorate reports that cybercrime is a significant concern, with email compromise being a prevalent threat. Such compromises often lead to unauthorised financial transactions and the leakage of sensitive company data.
The financial burden on businesses following cyber incidents varies considerably based on the organisational size.
Small businesses incur costs exceeding AUD $46,000 per incident, medium-sized enterprises face expenses averaging AUD $97,000, and larger companies experience losses around AUD $71,000 per event.
Robert Haist, Chief Information Security Officer at TeamViewer, explained, "Cyber hygiene refers to the practice and steps that companies take to maintain system health and improve online security, helping to protect the business from digital threats, such as malware, hacking, and phishing. These practices are often part of a routine to ensure the safety of identity, data, and networks."
To establish effective cyber hygiene, organisations should track their hardware and software in real time. By employing radio frequency identification (RFID) and barcode systems, companies can monitor asset use accurately, manage bring-your-own-device (BYOD) policies, and identify vulnerabilities promptly.
Automating software patching is vital for addressing vulnerabilities as they arise.
This approach is part of a unified management system, exemplified by platforms like TeamViewer in cooperation with Ivanti, which offer remote monitoring, mobile device management (MDM), and comprehensive security solutions.
Implementing regular data backups is another essential practice. Automated backup solutions protect businesses against data loss due to threats like ransomware, ensuring continuity even in the face of potential data breaches.
Access control is crucial in safeguarding sensitive information.
Limiting access based on job roles and using automated tools to manage user permissions can minimise the risk of data leaks and unauthorised access.
Enforcing strong password policies is another measure businesses should adopt. Complex passwords that are updated regularly can be supported by password managers, enhancing security by reducing the risks associated with breaches.
Multi-factor authentication (MFA) adds an extra layer of security by requiring additional verification steps beyond passwords, such as biometric scans or one-time codes, to make unauthorised access significantly more difficult.
A zero trust architecture is recommended to keep security at a premium.
This approach involves verifying all access requests regardless of their origin, applying strict access controls, and enforcing least-privilege principles to securely manage data access.
Choosing suitable cybersecurity solutions involves investing in tools that offer proactive threat detection and automated remediation, which align with cybersecurity frameworks such as the Essential Eight, ISO 27001, and NIST guidelines.
Robert Haist noted, "Cyber incidents have a tangible impact, disrupting operations and imposing significant financial burdens on companies.
The foundation of effective defence involves having a strong understanding of the basics: ensuring software is up to date, employing strong passwords, and remaining vigilant about the latest digital security threats."
He further advised, "Equally critical is leveraging advanced remote access and support solutions that offer secure connectivity and control. These tools are essential for maintaining operational continuity, safeguarding sensitive data, and ensuring that teams can respond quickly to any security challenges that arise."
"By integrating such solutions into their cyber hygiene practices, businesses can proactively confront and mitigate cyber risks, ensuring a secure and resilient digital environment."