During this year, Australia will require organisations to notify the Privacy Commissioner and all affected parties of cyber-breaches. Penalties for not notifying cyber-breaches are $360,000 for individuals and $1.8 million for organisations. There are, however, many exceptions...

A new kind of 'invisible' malware has been identified by Kaspersky as being widespread in banks, telecom companies and government organisations.

Malware usually appears in files on computers, and that is how it is identified. This new kind of malware exists instead in the computer's memory. This makes it much harder to spot. It also marks an increase in the use in the wild of what have been, up to now, rare memory-based cyber-attacks.

Layering in cyber security means putting more barriers in the way of cyber-attacks.

Instead of cyber-security existing as a single perimeter barrier, cyber-security can offer layers of differing forms of protection.

The idea can be most easily seen in castles.

 

From the early days, Apple has been proud of its cyber-security. There's a widespread assumption that Apple computers and devices are safe from cyber-attacks. Recent evidence contradicts this.

How serious is it for businesses using Apple? What are the best business cyber-security strategies for Apple products?

Segmentation is a well-established security idea - 'don't put all your eggs in one basket!' It is common sense in cyber-security, CPTED, personal protection and asymmetric warfare. In whole-of-business cyber-security we apply segmentation to all aspects of a business, as appropriate. Segmentation of business assets is guided by Information Risk Assessment.

Segmentation provides a basis for layering of cyber-protection to reduce business risks and increase difficulty for cyber-attackers. Segmentation is a powerful, management-based cyber-security method...

 

 

People find it difficult to use passwords easily and securely. Many professionals have a LOT of passwords.

Below is a practical way to manage passwords that is effective, secure and easy to use. It was developed for a wide variety of business process environments that needed to have high levels of security for critically important passwords and easy access for less important passwords.


A recent Australian Prudential Regulation Authority (APRA) survey identified that 50% of financial sector organisations experienced cyber-security incidents needing executive management involvement.

For many financial planners and wealth managers, such cyber-attacks threaten business collapse.

Why do hackers focus on financial planning and wealth adviser professionals? The opportunities for criminal financial gains are large, and many financial advisers are small in size, with business processes that are not well developed in cyber-security terms.

Almost all businesses in the US had cyber-attacks; mostly these included ransomware.

The picture of cyber-attacks in 2016 from Radware is that of increasing numbers of cyber-attacks with greater sophistication. There is a move away from more traditional cyber-attacks towards multiple attacks aiming at different parts of the business and IT. Increasingly, cyber-attacks target the business rather than only targeting the IT systems.

 

From a cyber-risk perspective there are just two types of business: 

"Those that have been hacked and those that will be hacked"

Cybersecurity impacts extend via managers and the executive to the boardroom.

Cyber-risks and the extent of cyber-losses are now more to do with the management of business processes and staff than with IT security only.

Information Risk Assessment identifies the levels of risk to a business of the different kinds of information the business is managing.

Every business depends on information to make a profit and for its continuity. Attacks on a business’s information can adversely affect the business and third parties and result in a variety of liabilities and losses. Information Risk Assessment helps businesses to decide the levels of cyber-protection for the different kinds of information.

 

The losses from cyber-crime are expected to increase to $2 trillion by 2019.

For many businesses, organizations and individuals this level of losses will seriously impact their bottom line and in some cases will be disastrous.

Businesses most at risk are SMEs and professional services businesses, especially micro-businesses of 1-50 employees.