How cyber criminals are targeting your business
Cyber criminals have an armoury of tools at their disposal: ransomware, credential phishing, banking malware, business email compromise, known vulnerability exploitation, watering hole attacks, zero day exploitation and distributed denial of service.
To deploy these tools they search for a weakness in the security of an organisation’s operations. This may be pre-existing – a known vulnerability in a system that the business uses – or it may be created by exploiting human factors, often through a combination of surveillance and psychology. But whatever the method, if criminals find it too time-consuming and expensive to hack into your organisation, they will look elsewhere for easier targets.
Awareness among employees is a first line of defence and should be coupled with ironclad verification protocols. Taking business email compromise as an example, employees need to understand that a demand for a money transfer may come from an imposter using a known identity, via an email that looks authentic but is not, with an invoice that directs payment to a similar-looking but fraudulent bank account, or from someone leveraging information about securities or assets.
Defending your enterprise
Effective threat detection depends on establishing systems, processes and methodologies that enable you to systematically check and protect the security of your sensitive data. Routine defensive policies and procedures need to be carried out diligently by competent personnel.
Any effective risk management policy must include techniques for identifying risks and contextualising their significance to your operations; what other aspects of your business, and those of external business partners, they interface with; and finally, what the response needs to be, based on this knowledge.
Telstra’s Five Knows of Cyber Security, listed below, are a useful starting point for cyber risk assessment.
- Know the value of your data;
- Know who has access to your data, both internally and externally, and whether they should continue to have access;
- Know where your data is;
- Know who is protecting your data; and
- Know how well your data is protected.
Tools and reporting
Once the areas of an operation have been prioritised for security focus, a framework is required: a platform or set of standards that best meets organisational needs. Who will be involved, and how they are to monitor the security activities of your business, must be documented.
Companies that do business with partners in other jurisdictions need to comply with those jurisdictions’ directives, such as those specified in the GDPR. Those involved in processing card payments need a framework that meets the Payment Card Industry Data Security Standard (PCI DSS).
ISO 27001 certification has become the default cyber security risk management process, recognised in the US and elsewhere because it provides a sound basis for establishing business security priorities and processes.
The adopted protocol should enable an organisation to identify a security breach, then isolate and mitigate it. There needs to be an established pathway for reporting the breach to senior management, with escalation matched to the urgency of the response the incident requires. These are all key components of a measurable security management framework.
The chosen framework should collect, monitor, measure and report information that delivers key security indicators for establishing benchmarks and what ‘normal’ looks like. This data should be delivered in a dashboard format to provide a visualisation tool for both security operations personnel and senior managers at committee or boardroom level.
Need advice on cyber security for your business?
Gallagher is ACAPMA’s insurance partner, with a team of specialist brokers for the convenience store and petrol retail sectors. Request a cyber insurance quote, or more information on Gallagher’s product range, here.
Gallagher has also released a guide to developing a data breach response plan for your business. This is available as a free download here.