Read Time:2 Minute, 7 Second
Tick tock says the clock for Australian-based entities as more high-profile data leaks surface.
According to the report released by Verizon on the 2022 Data Breach Investigation, 82 per cent of cybersecurity breaches have Human Element — social attacks, errors, and misuse.
There are a lot of loose wires that cyber perpetrators may see as the entrance to the organisation’s system. It might be an employee uneducated in cybersecurity who fell for a spoofing or phishing attack exposing the company to a breach or a shady worker that made it through stealing data due to poor company security measures.
To highlight, insider threats like developers leaving API endpoints unsecured or employees allowing access to an attack by sharing their credentials contribute to most recorded leaks.
The primary data breaches like Optus and Medibank rang an urgency bell for most companies’ chief operating security officers to get proactive along with board and business leaders.
According to recent research by Proofpoint and Cybersecurity at MIT Sloan (CAMS), 58% of Australian firms prioritise cybersecurity. In contrast to CISOs, who believe their organisation is in danger of a material cyber attack over the next 12 months, only 52% of Australian board members share this belief.
“It is absolutely essential for business leaders to stay on top of technology trends in order to stay competitive in today’s hyper-growth environment,” mentioned Manu Mehra, Managing Director – Australia and New Zealand, Lenovo ISG.
Do businesses need to maintain the most important personally identifiable information (PII) about their clients? The definition of the business need must include data minimization as a critical element. Companies must also evaluate the data gathered, why it is collected, where and how it is stored, and how long it has to be kept.
Procedures surrounding purpose limitation and storage limitation, as well as practices that minimise the amount of PII collected, are required. Said, businesses can significantly reduce the risk of data leaks by only retaining data as long as it is necessary.
Recognising a company as a target is vital even if the breach has yet to occur. It is not a matter of if but when. There are traditional security measures that are deemed to be effective and are already in place. However, the companies must also prepare for the recovery stage;’ what happens after a breach occurs?’ must be addressed.
With Human Element being one of the vital weak points in this dilemma, cyber talent must increase in the market– increasing the number of highly skilled cyber experts.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
