A recent Cyber Security Survey released by the Australian Cyber Security Centre (ACSC) warns that Australia’s largest companies are under daily cyber-attack. It’s noted that 90 per cent of organisations experienced some form of attempted or successful cyber security compromise during the 2015-16 financial year. And, close to 60 per cent had at least one incident that successfully compromised data and/or systems.
According to a global survey by the Ponemon Institute and IBM, the average cost of an Australian data breach is AUD$2.82 million. Additionally, an alarming 60 per cent of small businesses fail within six months of a cyber-attack.
It’s one thing for your business’ data to be temporarily offline, yet it’s quite another for it to be criminally intercepted. Beyond the costs associated with a cyber-attack, damage to consumer and customer confidence may have the most severe consequences, leading to lost business and negative publicity.
Last year, we saw cybercrime targeting customers of online banking, as outlined in the ACSC Threat Report 2016. Many fell victim to malware known as Dridex, which is delivered via spam email with malicious attachments. This malware monitors for activity related to online banking and then steals information and credentials.
Online retailers with customer portals must now embrace two-factor authentication (2FA) to confirm a user’s identity at login to provide an extra level of security and peace of mind. A simple one-time password (OTP) or push authentication through 2FA can alert IT teams to fraudulent access before cybercriminals have the opportunity to steal customer information. The growth of the Internet of Things (IoT) is making 2FA increasingly critical. Widely interconnected devices and services create more entry points for hackers than ever before.
Further, with many online businesses moving their company and customer data to the cloud, it’s critically important that they have teamed with a cloud services provider that adheres to best practices for data management. It’s essential that sensitive data assets are treated with the care and consideration they deserve, keeping them safe from hackers.
One of the surest ways for businesses to protect their data from cybercrime is to ensure its provider encrypts all connections from their in-office client applications or remote workers to the hosted ERP server. Ideally, the technology should offer a selection of network communication options, including the industry standard Secure Shell (SSH), which is designed to provide network connectivity via a secure channel, even over insecure networks.
A strong cloud solution will offer IT transparency into who is accessing what and when, and enable them to lock down access in an instant if needed. Additionally, the technology should undergo regular network penetration tests – ensuring experts are constantly updating security levels to the highest standard.
Another key element is the cultural attitude towards data security within your organisation. Security is as much about people as technology, and having the entire business aligned and valuing data assets as worth protecting will go a long way. This culture must be at all levels, not in just, for example, the IT department.
Your data is only as safe as the protection afforded to it. Choosing a technology partner that equips your online business with a highly secure data management solution is key to shielding your company and customer data from intruders