Why Cyber Experts Advise Getting Tougher with Cyber Security
May 3, 2021 - 5 minutes readFind out why tight cyber security measures for your faith centre or charity are more crucial than ever
Often when people talk about crime and security they are thinking of the threat of intruders and how to best secure their physical property.
This is very important of course. But it could also be easy to overlook or forget about the hidden and often unseen dimension of crime that lurks over the internet.
Here are some sobering facts:
- On average, 164 cyberattacks are reported each day which equates to 1 every 10 minutes. Many more may go unreported as well.
- The cost of cybercrime to the Australian economy is around $29 billion per year.
- The most commonly reported cybercrime in 2019-20 was online fraud. This was followed by identify theft.
- Cyber threats intensified with the pandemic as people started spending more time online and working from home.
Recent victims of cybercrime in the business world include:
- BlueScope – Australian steel-maker BlueScope was reportedly hit by ransomware attacks that affected some of its IT systems and caused serious disruption to its operations. In response, the company enhanced its cyber-security.
- Toll – the shipping giant suffered two ransomware attacks during 2020 that resulted in data theft.
- Levitas – the hedge fund was forced to close down after it responded to a bogus Zoom invite that installed malware and led to the theft of millions.
These sorts of attacks not only impact big business though. They can also happen in small businesses, not-for-profits, and households.
Cyber trends for 2021
Cybercrime is on a ‘growth’ path, unfortunately! Here are some of the latest trends:
- Ransomware is the fastest-growing threat in Australia. It is also becoming more sophisticated.
- Identity theft attempts are expected to rise in the coming year.
- The IoT (internet of things – which refers to all kinds of ‘smart’ devices connected to the internet) will also become more vulnerable without strong security measures in place.
- Financial services and other kinds of service providers are likely to become prime targets.
- While operating in the cloud is generally very secure, extra layers of security are recommended on top.
Best defences
The Australian Cyber Security Centre (ACSC) guide recommends the following measures for small businesses (which could also apply to not-for-profits):
- Software updates – the guide recommends turning on auto-updates and regularly checking for new updates as well.
- Regular data backups – this is not a new thing, as backups have always been advised ever since computers became available to small business and households. ACSC also recommends turning on automatic backups where possible.
- Multi-factor authorisations – this involves setting two or more identity proofs for access, such as a password combined with a one-time SMS code.
- Access control – organisations should set very clear limits regarding who has what level of access to systems.
- Use of passphrases – refers to the use of a string of words or a sentence rather than just a single password.
- Training – it’s important to train yourself and your staff to recognise suspected scams and threats.
- Reporting mechanisms – all small businesses or not-for-profits should have a plan in place for reporting and responding to cyber threats. (See our previous post for more information on setting up an e-crime plan).
Get covered with insurance!
Cyber insurance provides financial protection in case of losses due to online attacks. Our Cyber Risk Protection policy covers a range of cyber risks, including interruption, extortion, and privacy and data breach liability.
To find out more on cyber insurance for churches, faith centres, charities or community groups, call 13 000 FAITH or send us an online message.
Further reading
Faith Insurance – all articles on Cyber Security
ACSC – links to the latest threats and on how to report attacks
ACSC – Small Business Cyber Security Guide.
Written by Tess Oliver at Gold Star Writing
Tags: data, security
0 Comments