Aussie firms must catch up or will end up as easy security targets: Dell SecureWorks
Australia is behind other countries when it comes to security, and this is becoming more apparent every day, according to Dell SecureWorks Asia-Pacific and Japan principal consultant, Phillip Simpson.
And he claimed that if Australian businesses don’t act fast, they will end up as easy targets for cyber criminals.
“This week, it was announced the federal government is putting through a new bill which obliges about 1600 telcos and related companies to protect their networks from unauthorised access and interference.
“Breach notification laws have been highly effective at forcing organisations to review IT security in countries such as the USA and Europe but Australia falls behind. We hear stories about organisations getting breached by threat actors but the ones we should be concerned about are the ones we are not hearing about,” he said.
According to Simpson, as Australia falls behind other countries around IT security, businesses are putting themselves into the attention of threat actors.
“If threat actors are finding information of value in Australia they are going to do what is necessary to take it. We have seen examples of this, such as Chinese hackers steeling intellectual property from manufactures and implementing cheaper ways to produce cheap imitations for sale into other regions.
“We know Australia is a high target. If we look at the crypto locker breach numbers, Australia was ranked third in the globe for number of encrypted devices,” he mentioned.
Philipson added that there are six steps a company can take to be pro-active about security. They include:
- Testing the environment, including policies around IT security, to know the weaknesses so businesses can fix them
- Being pro-active instead of reactive, understanding the threats and preparing for it
- Understanding access controls and making sure the right people have the appropriate access
- Monitoring network traffic
- Having a quality patch management process
- Training staff and end users so that they are aware of the importance of IT security.
