I am well aware that I harp on about online security awareness. However, encouraging members of the public to increase their online security benefits more than just the individual. People apply safer online practices in business and at home, and pass them on to their colleagues, family and friends.
We have gone down this path for many years now, through CSO Magazine, the wider security industry and delivery of the Commonwealth Government’s Stay Smart Online Alert Service (now at https://www.communications.gov.au/what-we-do/internet/stay-smart-online).
This valuable service delivers in plain English security information that is factual, neutral and independent. Stay Smart Online provides clear, concise information that enables individuals to learn about threats in their online environment and − more importantly − gives them advice on how to stay safe.
If you have not yet subscribed to the service then I would strongly urge you to do so. If I am preaching to the converted, please share that information with those around you who are less security savvy.
A great part of my role in this endeavour is to get out into the wider community and engage with affiliates, stakeholders and associates. These people and organisations provide us with relevant online security information and act as distribution channels for the messages, review content before release and most importantly, operate as sounding boards for upcoming initiatives.
On a recent fact-finding mission, I travelled to Australian east coast capital cities, and met with a number of key security people within very large Australian organisations. These people worked in the telecommunications, financial services, and education industries, and many were employed by government departments and agencies.
These meetings cemented in my mind that we are moving in the correct direction. The people we met with had a range of titles but were effectively security awareness managers. Their roles included raising online security awareness within their respective organisations, most of which numbered in the tens of thousands.
They also engaged with customers to raise their online security awareness levels. They all told us they used and promoted Stay Smart Online within their organisations. The service was one of their central sources for well-researched, factual, neutral advice delivered in plain English that proactive advice to consumers.
I found that these security and communications engagement roles, have evolved rapidly in less than 18 months. This is a great thing as it means online security awareness is moving into the mainstream.
In the past we were just one voice providing security information to the individual. Now our ranks are growing. Critically however we need to ensure that we are engaged, remaining neutral, delivering consistent key messages, and working collaboratively.
We identified a key area as continuing to raise awareness around online security. Needless to say we have rallied the troops and have something significant in the wings, to be announced shortly. Stay tuned.
This article was brought to you by Enex TestLab, content directors for COS Australia.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.