How worried should firms be about cybersecurity in 2017?

Recent revelations from Wikileaks have heightened concerns about cybersecurity and data breaches, not just by lone-wolf hackers but by shadowy intelligence agencies too.

As the number of connected devices and applications we use continues to grows, so does the risk of cyberattacks. The latest Wikileaks reports suggest smartphones may not be as secure as we’ve thought, and even smart TVs and vehicles can be compromised.

How serious is the threat to Australian businesses?

Cybersecurity is a global issue and Australian organisations need to be ever-more vigilant.

While many understand the damage hackers can cause a business, some companies may underestimate their chances of an attack. According to KPMG, only half of CEOs globally say they are fully prepared for cybersecurity incidents, but this figure is even lower – just 35 per cent – for Australian CEOs.

There are a variety of ways firms can minimise the risks – for example, hiring qualified IT security experts, using up-to-date software and technology, adhering to cybersecurity best practices, and having contingency or disaster recovery plans in place.

Many Australian businesses are not well prepared for the consequences of a cyberattack.

Despite the troubling recent news regarding spy agencies such as the CIA being able to snoop into people’s lives, Australian businesses should continue to focus their energy on preventing the most likely cyberthreats they will face in 2017. These include distributed denial of service (DDoS) attacks, ransomware and internal company threats.

• DDoS attacks

DDoS attacks have the ability to completely freeze a website, network or server. They do this by bombarding a target with data sent from many individual computers at the same time. A recent study by Deloitte predicted that DDoS attacks will continue to rise as we move deeper into the Internet of Things era.

Phill Everson, UK head of cyber risk services at Deloitte, said that in 2017 the size and rate of such attacks can be expected to increase globally.

“DDoS attacks will not only scale up this year to a terabit per second in some instances, but also increase in frequency to a total of 10 million attacks,” he said.

• Ransomware

Ransomware is a type of malware that can lock users out of applications on their computer, preventing access until a ransom is paid. The effectiveness and number of ransomware attacks is also expected to increase this year.

“We have already seen this start to come to fruition with the recent attack on the San Francisco Municipal Transport Agency, where over 2,000 systems were completely locked with ransomware and likely spread on its own as a self-propagating worm,” Stephen Gates, chief research intelligence analyst at NSFOCUS, told TechRepublic.

• Insider threats

According to IBM’s 2016 Cyber Security Intelligence Index, 60 per cent of cyber breaches experienced by organisations in 2015 were the work of insiders or employees either intentionally (i.e. someone with malicious intent) or not (workers compromising systems by accident).

Approximately a third of these cases involved employees failing to adhere to a company’s cybersecurity protocols or erroneously permitting external parties to access company data. For the most part, these kind of incidents can be avoided with adequate staff training and more robust cybersecurity measures.

Many cybersecurity breaches within organisations are actually caused by internal staff, intentionally or not.

In the world of recruitment, agencies need assurances the systems they are using are not only effective, but secure. Australian recruitment firms typically hold highly confidential data on thousands of candidates and clients, any breach of which could be disastrous for business operations. Customers and candidates rely on agencies to keep their information confidential – there is a high level of expectation they will be protected.

FastTrack your cybersecurity

FastTrack360 is a recruitment software solution with world-class multilayered security features. If a new cyberthreat appears in the market, FastTrack will carry out a security update to protect the system. Such updates are an ongoing priority, as they are for many software providers.

Training customers on the various security features is an important part of the software’s implementation phase. Further to that, FastTrack keeps in close touch with its customers to actively prompt and remind users about maintaining optimal cybersecurity behaviours.

Educating recruiters about the need to adopt certain practices and how to make the most of FastTrack software’s security functions is a big part of our customer service process. The most important aspect of keeping your system secure is choosing a complex password. It seems like a simple measure, however, many employees continue to put their data at risk by using easy-to-hack passwords.

Like to find out more about how your agency can avoid cyberthreats in 2017? Please contact FastTrack and talk to one of our friendly consultants today.