Active Online Security Measures for Business

Australian businesses are under constant threat from criminals that utilise the inherent features of infrastructure and systems connected to digital networks—and the rate of cyber-attacks is increasing, according to a recent report from the Australian Signals Directorate (ASD).

The ABC reported that ASD indicated that the “most commonly targeted sectors are banking and finance, resources and energy, defence capability and telecommunications.”

Whilst the list covers a large number of Australian businesses, those that fall outside this list should not be complacent as the automated systems used by cyber-criminals are designed to look for any opportunity to carry out theft, fraud or other malicious cyber-attack.

It is vital that business does not sit back and leave the problem to government agencies such as security forces and the Federal Police. The best defence is an active offense and information sharing will enhance the opportunity to prevent cyber-crime.

The Australian Cyber Security Centre (ACSC) opened in November 2014 as “the next evolution of Australia’s cyber security capability.” Information flow about cyber-security and cyber-events will facilitate early action, threat reduction and event mitigation.

Processes have been put in place to facilitate information flow and the ACSC highlights that every Australian should participate. Individuals can report an event using the Australian Cybercrime Online Reporting Network (ACORN), government agencies should form a working relationship directly with ASD and large Australian businesses should partner with CERT Australia, an organisation that is described by the Executive Manager Dr Carolyn Patterson as “the main point of contact for cyber security issues affecting major Australian businesses”.

There are opportunities for Australian business to learn more about cyber security including the Australian Cyber Security Centre 2015 conference that was held in Canberra between 22-23 April. But if you don’t have the resources or time to commit to attending a conference there are important online resources available that business should review.

The ASD Strategies to Mitigate Targeted Cyber Intrusions provides guidance to organisations on how to stay ahead of the cyber-criminals and the key point made by ASD is that “at least 85 percent of the targeted cyber intrusions that the Australian Signals Directorate (ASD) responds to could be prevented by following the Top 4 mitigation strategies listed in our Strategies to Mitigate Targeted Cyber Intrusions:

  • use application whitelisting to help prevent malicious software and unapproved programs from running
  • patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
  • patch operating system vulnerabilities
  • restrict administrative privileges to operating systems and applications based on user duties.”

ASD has also recently published the Australian Government’s Information Security Manual (ISM) that provides a “standard which governs the security of government ICT systems.” The ISM complements the Australian Government’s Protective Security Policy Framework (PSPF) which “provides the appropriate controls for the Australian Government to protect its people, information and assets, at home and overseas”.

Both the ISM and PSPF provide information that business should know, and yes the point that is being pushed is the need for security to be based upon a strong defence against cyber-crime. Cyber-security strategies that apply to government agencies are applicable to business and should be a starting point that is enhanced by industry and business specific “local knowledge” that is gained over time. Remember that international business groups have been building similar knowledge over past decades and can be a valuable source of information.

What this means is that business cannot sit back and let others do the heavy lifting. Business groups need to form relationships with key international business support organisations and facilitate information “trickle down” to ensure that even small and medium enterprises gain access to the knowledge needed to ward off cyber-crime.

On 4 February 2015, Delloite added an Australian cyber intelligence centre to its global network citing the need to reduce the cost to business that it identified as being about $2.5 million per year on average and rising. Delloite highlights the data loss rate increasing by about 25 per cent between 2013 and 2014 globally.

Whilst Delloite’s services are outside the financial reach of many small businesses, there is an opportunity for Australian business groups such as the Business Council of Australia, Small Business Australia and the many other business groups to acquire knowledge and disseminate resources.

By adopting a proactive approach and working together business will collectively benefit. Examples of proactive steps that business should take in concert with local authorities include the Project Sunbird collaboration between the West Australian Police (WAPOL) and the West Australian Department of Commerce (Commerce) that aimed to reduce the incident of online fraud.

In an article on The Conversation the key stages implemented by Project Sunbird were identification, intervention, interruption, intelligence and investigation. Whilst Project Sunbird focused on individuals there is an opportunity for business to learn from this approach and to work with government and police to implement similar proactive approaches.

There are other opportunities for information sharing and collaboration that related business groups should take. One example is to form a relationship with the Virtual Global Taskforce (VGT) that “is an alliance of international law enforcement agencies and private sector partners working together to combat online child sexual abuse.”

By now business should be well aware that cyber-security has become part of daily activity and there is a need to broaden cyber-awareness within organisations. To improve information flows, knowledge and cyber-event related outcomes businesses and business groups need to take the next step and reach out to form proactive partnerships.

Mark Gregory is a Senior Lecturer in the School of Electrical and Computer Engineering at RMIT University.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags Australian Cybercrime Online Reporting Network (ACORN)Federal Policecyber-crimeAustralian Cyber Security Centre (ACSC)Australian Signals Directorate (ASD)cyber security

More about CERT AustraliaCSODepartment of CommerceEnex TestLabFederal PoliceISMMicrosoftRMITRMIT UniversityWest

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Gregory, RMIT

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts