FEED Autumn 2021 Newsletter

Carl Petch Telstra Broadcast Services Ltd Head of architecture and integration

What are the biggest cybersecurity threats now?

Since the pandemic is keeping more people at home, there has been a recorded increase in the amount of time people spent gaming in 2020/21 – and so, hackers had more opportunity to target gamers. In 2020/21, there was a huge increase in both credential stuffing attacks and web attacks. This highlights that individuals are targeted by hackers as much as businesses, using some of the attack vectors I highlighted earlier. Telstra Broadcast Services is part of a greater business that holds cybersecurity at its core. It has a company-wide approach, with key stakeholders responsible within the organisation. What best practices do you have in place to defend yourself? Security threats can come from the most unexpected sources. Securing company hardware is very important. The loss or theft of an employee device is a very high-threat profile. The basics are protecting devices with complicated passwords, and promoting password managers for employees. Encrypting devices is also crucial for security. However, the key focus is to put time and effort into creating a security-focused workplace culture through sufficient training and education. A best practice risk-based approach to Who is in charge of cybersecurity in your organisation? security helps businesses implement threat modelling and rethink their approach to cybersecurity in an all-encompassing way. Without regular and comprehensive security gap analysis to prove the need exists, it is just informed guesswork. A security gap analysis helps stakeholders assign security priorities and allocate the resources to deliver the best outcomes. Have you had any personal experience of a cyberattack? Malware phishing, but nothing more than that. What is the scariest cybersecurity story you’ve ever heard? Ransomware – where businesses pay a ransom to hackers to get back into systems they have been locked out of – is very scary. Often, they feel they do not have the internal resources to escape this problem, and paying the hackers is an easier route.

The threat of malware looms large within the security landscape. Malware is a very broad term and has many threads attached, like ransomware attacks, botnet software, RATs, spyware and viruses, etc. Intentional and malicious attempts to breach the security of an organisation, or create chaos at the targeted business, usually come in the form of a DDoS attack. This floods a website with incoming messages. They are used by hackers regularly, but still create a huge strain on business, with staff trying to keep operations going. Hackers also like targeted malware infections. These cause many issues operationally and damage the long-term security of the business. While ransomware gets most of the headlines these days, software vulnerabilities are not far behind as one of the biggest threats to the majority of businesses. How well-informed are your customers on cybersecurity issues? Most businesses have policies and procedures to technically deal with these issues. However, a more holistic approach to protect customers needs to be considered. Businesses large and small mostly have security safeguards, controls and policy guidelines, but lack wide-ranging frameworks across all cybersecurity issues. Cybersecurity needs to be integrated within your strategy. Only then can you build trust internally and create value for all employees: this is a core challenge for any business, that can flow to partners and customers over time. Organisations should encourage individuals, units, or the entire company to accept responsibility for security within their environments. This helps to raise threat awareness across all levels. IN 2020/21, THERE WAS AN INCREASE IN CREDENTIAL STUFFING ATTACKS AND WEB ATTACKS

@feedzinesocial

Powered by