Cyber Hygiene Three tips to clean up your organisation’s security
A
By Simon Eid Area Vice President, Splunk ANZ
ustralian organisations lack the security maturity and skills needed to survive in today’s and tomorrow’s threat landscape. This is the message coming from IDC. Furthermore, cyber criminals are getting more sophisticated. Look no further than the recent WannaCry attack, which saw more than 200,000 computers across more than 150 countries locked up by the ransomware. The ability of organisations to detect and respond appropriately to this threat is directly tied to their skills and maturity in their people, processes and technology. Moreover, as cybercriminals become more sophisticated, Australian organisations are being urged to sharpen their focus on fighting the cyberwar. You can’t stop a highly-determined attacker from targeting your network, but with a strong focus on cyber hygiene, you can make your organisation extremely difficult to penetrate. With this in mind, let’s look at three steps to clean up the security of your organisation, ensuring you are equipped to survive in tomorrow’s threat landscape.
14 | Australian Cyber Security Magazine
Start at the top The biggest risk plaguing Australian organisations is a lack of dedicated security people. It’s eye-watering to think how many companies, storing extremely high volumes of sensitive customer data, consider security as a sideline for the IT department. Lydie Virollet, IT services and cybersecurity analyst at IDC Down Under, says the understanding and management of threats is a struggle that most Australian organisations face. "In some markets the lack of compelling and enforced legislation leaves the IT security team with the paradox of how to secure the environment when the C-Suite are not prepared to fund it – or, as so often happens, IT security is considered important, but not enough to staff it nor fund it sufficiently," Virollet says. The C-suite needs to take a role in protecting your business that encourages the entire organisation to be aware of security, risks and protection. Explaining how cybersecurity impacts the bottom line of your organisation is a great way