Driven largely by the disruption caused by the pandemic, along with several high-profile success stories, cybercriminals are targeting Australian organisations at an unprecedented level.
The Australian Cyber Security Centre (ACSC) received almost 5,000 reports of BEC in the 12 months up to June this year, with estimated losses totalling over $80 million. It’s clearly a lucrative pastime for cyber criminals.
As a result, Australia's CISOs are understandably on high alert. Over 70% feel at risk of suffering a material cyber attack within the next year. To compound the issue, most do not feel prepared for such a fate. Over half do not believe their organisation is ready for a cyber attack, while 50% are more concerned about the repercussions of an attack this year than they were in 2020.
The long-term shift to hybrid work in response to COVID-19 is only making matters worse. Almost half (47%) of Australian CISOs agree that remote working has made their organisation more vulnerable to targeted cyberattacks, with 45% revealing they had seen an increase in targeted attacks in the last 12 months.
In a bid to raise awareness and action, the ACSC recently issued the next stage of its 'Act Now Stay Secure' cyber security campaign. Spanning nine key areas, it lays out the steps Australia's businesses can take to mitigate, deter, and recover from cyber attacks.
The key takeaways of the initiative are explored below, along with how Proofpoint can help you put them into practice.
Protecting your inbox
With email the number one point of entry for cyber attacks, any additional layers of protection such as Multi-factor Authentication (MFA) are highly recommended. However, MFA is by no means foolproof, and cybercriminals are increasingly finding new ways to bypass its protection.
What's more, attempted email account compromise requires ongoing detection beyond such preventative measures. Cybersecurity teams must be able to monitor and identify suspicious activity and prioritise response accordingly. Proofpoint's partnership with Okta can help you do this, especially when implemented alongside a Targeted Attack Prevention (TAP) and Cloud Account Defence (CAD) solution.
Domain and email authentication
When defending against domain spoofing and hijacking, it's always best practice to renew any domains previously used by your organisation. At the same time, you must regularly monitor for newly registered lookalikes. However, anticipating and spotting every potentially spoofed domain is incredibly challenging, with numbers potentially running into the thousands.
An email fraud and DMARC solution can keep your domains and emails secure, helping to combat BEC and spoofing. Proofpoint's brand protection solution can also help you monitor and mitigate threats to your digital footprint across domains, social media, and beyond.
Finally, with 98% of Proofpoint customers reporting a supply chain attack in 2020, you need a solution such as Proofpoint Email Fraud Defense to gain total visibility into your vendors and the risk they pose to your business.
The privacy problem
All organisations are aware of the importance of privacy. Cybercriminals target your most sensitive and highly prized information, and it's vital that you ensure it is protected and stored in line with regulations such as the Australian Privacy Act and the EU's GDPR.
However, your privacy controls must go far beyond this. A modern privacy strategy should encompass more than customer data, spanning your email, cloud, endpoints, and entire ecosystem. Organisations need to implement solutions designed to combat email and cloud threats and offer comprehensive information protection.
Policing policies and procedures
So far, we've covered many of the tools that help you protect your organisation in line with the ACSC's Prevention and Protection Guide. But tools alone are not enough. Any effective cyber defence strategy must be backed by clear policies and procedures governing everything from basic password hygiene to BYOD.
Of course, just as important as implementing these policies is policing them. A comprehensive security orchestration, automation, and response (SOAR) platform can help analyse malicious and suspicious activity and prioritise response.
Proofpoint also offers managed and premium services to help you stay in control of your technology, policies, and procedures across your organisation.
Delivering people-centric awareness training
People-centric attacks require a people-centric defence. It is your users who are on the front line facing tenacious cybercriminals, and you must train them to defend your organisation accordingly.
Comprehensive Security Awareness Training must go beyond jargon definition and multiple-choice tests. The goal is to build a security culture throughout your organisation – in which every member of your team knows not just how to detect and deter cyber threats but how their behaviour can limit and indeed increase an attack's chances of success. This needs to be multi-faceted, it can’t be a one size fits all approach to make sure positive behaviour changes occur.
When your users genuinely understand that a single errant click or weak password can expose your organisation to vast financial and reputational consequences, behaviour changes – and we are all safer as a result. Create a culture of making sure users are encouraged to report anything erroneous.
Vigilance is vital
Finally, staying informed of the threat landscape and your current risk level is key. Your security training programme should put cyber threats at the forefront of everyone's minds, creating an environment in which vigilance is the default setting.
But as well as visibility into the threats you face, you also need a complete picture of your networks – who is accessing your data, when, from where, and why. As well as gaining a thorough insight into the level of people risk posed to your organisation.
As this breakdown of the ACSC guide goes to show, there's no short answer to cybersecurity. And there's certainly no silver bullet. The only effective cyber defence is broad and multilayered, spanning tools and technology, policies and procedures – and most importantly, your people.