Search Results

Share Article:

Facebook Twitter Linkedin Mail

Peak season shopping, peak cyber security measures

Tech and Innovation Cyber Security

Posted on December 11, 2017

4 min read

[ooyala code=”piZGVsZDE6mamlVGP3aHeOxR_iLxRCzW” player_id=”7ec2cb63fabf4b669d07f06c7f570506″ auto=”true” width=”1280″ height=”720″ autoplay=”true” pcode=”duN2QyOvp793gi9Wd4n94sWFRpTv”

Black Friday, Cyber Monday, the last leg to Christmas. Tis the season for online shopping, and a time for retailers to be excited about.

In 2016, almost $5 billion dollars was ready to be spent by Australians in the 30 days to Christmas, according to the Retail Council. Online shopping peaked in the first week of December, and it is likely this will occur again. While shoppers are busy trawling stores on the Internet, cyber criminals are also on the hunt for a good bargain. 

And as cyber criminals set their sights on data theft, we are seeing a number of cyber breaches targeting retailers globally. International brand Forever 21 reported a data breach in November 2017, and Target in the US paid $25 million to the US government in May 2017 following a multistate data breach, where hackers accessed 40 million credit and debit card details held by the retailer. On home soil, the Office of the Australian Information Commissioner (OAIC) will require all retailers with a turnover of more than $3 million dollars to report a cyber-attack; potentially alert all affected personnel and make a public apology starting early 2018.

Retailers will always remain on the hit list for cyber-attacks as a host of personal and financial information are retained as part of business operations. During this key business period, a ransomware or a Distributed Denial of Service (DDoS) attack are both likely to occur, with the potential to cripple businesses and successfully commit a data breach. While stressing over inventory, shipping times, and managing increased traffic loads on website are important, ensuring a robust cyber security plan is equally crucial to prevent potential downtime, loss of business and most importantly, maintaining the trust of customers.

There are certain simple measures businesses can take to protect itself. First on the list, ensure employees remain vigilant. People are often the weakest link in cyber security, with phishing campaigns the most popular method to deliver malware. Our Telstra Cyber Security Report 2017 revealed that approximately one-third of both Asian and Australian businesses experienced a phishing email incident which impacted their business monthly in 2016. Phishing emails are often disguised as delivery, invoice or utility notices, and when an end-user opens an attachment, it delivers malware to the end user’s device. Education and awareness are key to protecting your business from falling prey to attacks.

Consider the Telstra five knows of cybersecurity, and see how we’ve matched this back to your online shopping business:  

  1. Know the value of your data: Personal and financial information are prized by hackers; but do you really need to retain and store all information? Consider what is essential, and trim down on saving unnecessary data to minimise risks.
  2. Know who has access to your data: Your employees are an obvious group, but what about your trusted suppliers and vendors? Map out all possibilities and keep a list. 
  3. Know where your data is: Your data might be hosted in the cloud, but it can also be stored on Point of Sale (PoS) system in your physical store.
  4. Know who is protecting your data: This is mainly operational – who is keeping watch on your behalf, how can you reach them and what cybersecurity processes are in place?
  5. Know how well your data is protected: Ensuring SSL encryption for online payments, or imposing a more complex password option are ways you can help protect your information, and that of your customers.

Beyond the ‘five knows’, opt for different cyber security services to leave your businesses security in the hands of trusted advisors. Consider a Denial of Service Protection (DoSP), which monitors your web traffic and filters only legitimate customers to access your site. Or look at a managed cloud content security system, which detects vulnerabilities and defend your business from web threats. With the right measures in place, you can safely bring festive cheer to everyone looking for that perfect gift.

Tags: cyber safety,

Be careful out there

One starry, starry night…

ISP blocking - our evaluation report

Opening our new Security Operations Centres – 360 video

Cyber Security

Posted on August 24, 2017

2 min read

Today, we officially open the doors to our newest Security Operation Centre in Sydney, where we will offer our Enterprise and Government customers with a more agile, intelligent and collaborative approach to cyber security. This is essential. At a time when we are seeing an unprecedented rate of cyber-crime in business, it has never been more important to understand and manage cyber risk, for ourselves, and for our customers.

Our state of the art Security Operations Centres provide 24/7, 365 priority access to our highly-skilled cyber security specialists. Our customers can not only see what we see, they can come in and work with us, learn with us, and influence how we develop our security products. Underpinning all of these activities is a powerful open source Managed Security Services platform that lets us tap into global innovation.

As Australia’s largest telecommunications provider, we have an obligation to deliver these kinds of services to market. But, we know we cannot do this alone. In the wake of recent ransomware attacks globally, we believe that no one organisation can tackle the cyber conversation.  Cyber security is a team sport and requires the collaboration of government, regulators, businesses and the community to develop solutions that help build resilience, cyber security and cyber safety for our people.

The Government has set the agenda with a cyber security strategy which we fully support. Now, our role is to help turn this intent into action by providing our customers with the products and services that will deliver a more secure operating environment for all Australians.

We’re excited to open the doors to our Sydney SOC, with Melbourne opening later this month, and an intention to launch globally in 2018.

Below you can watch a 360 tour of the SOC.

If you are having problems viewing this video watch it directly on Facebook here.

Understanding broadband speeds on fixed networks

Be careful out there

Unplug me and I cease to exist

Let’s bring it back to basics with Cyber Security

Tech and Innovation Cyber Security

Posted on June 5, 2017

3 min read

The recent cybercrimes that have affected more than 230,000 businesses in 150 countries has been a wake-up call to the gravity and impact of cyber-crime on an international scale, with banks, hospitals and government agencies grinding to a halt.

One of the biggest reminders that came through in the wake of these events is that the most effective protection against cyber-crime is basic IT hygiene. Everyone from big to small business, to government, and individuals on their PCs at home need to be aware of the simple steps they can take to protect themselves against the attempts that threaten our cyber security.

Our recent Telstra Cyber Security whitepaper shows that more than half of Australian organisations surveyed detect a security breach on a monthly basis, twice as much as detected in 2015. We are a likely cyber-criminal target due to our economic growth combined with high adoption of technology compared to other countries in the region.

While the threat of cyber-crime continues to increase, education and awareness of cyber security remains low. As the report indicates, organisations believe that the main threat is cloud based services, however phishing via email and threats from malware have a higher threat level. What’s even more alarming is that less than half of companies report that they are not ready to handle these threats.

Raising awareness about cyber security is a critical first step, and organisations need to audit their internal systems and train teams to prepare and manage appropriately for any potential cyber-crime. The fundamental steps organisations can take to tackle this issue is through patching and network hardening. Together, patching and network hardening can help to monitor and update IT systems that are not running the latest operating system, and work to reduce security weaknesses that may be exploited by internal or external attackers.

On an educational front, organisations should invest time to run cyber security awareness training. This ensures that cyber security becomes a key focus for all employees and not just the IT team. The good news is that C-suite involvement in cyber security has steadily increased. As the report suggests, two out of three senior executives have a high or very high involvement in their cyber security initiatives in Australia and Asia.

The fight against cyber-crime is bigger than any organisation. We have to look at it like a team sport, which relies on governments, businesses, and communities, working together to ensure our consumers are protected, and our organisations are built to manage cyber-crime. If we want to mitigate the unknown threats facing us in the future IT environment and create a safer cyber world, then we need to work collectively to improve cyber security through basic IT hygiene, and increasing awareness for employees and consumers.

Stay security smart while On the Move

Phishing scams: Be suspicious of emails wanting personal information

Telstra Cyber Security Report 2014

The Internet of Things and its implications on cyber security

featured Cyber Security

Posted on April 4, 2017

3 min read

In the last year, we’ve seen the use of Internet of Things (IoT) devices within the home and the workplace surge significantly.

On a typical day most devices we interact with, from our smart watches, to the office photocopier and printer, and even children’s toys, are connected to the Internet in some shape or form.

This access to connected devices has undoubtedly improved the way consumers interact with these every day items, but it has also exposed them to a number of unprecedented vulnerabilities.

While these types of IoT attacks can lead to significant reputational and financial damages for businesses, equally as importantly, they can also result in loss of customer trust and confidence. As can be seen from these high profile cyber-attacks, businesses must now take appropriate security measures, not just to protect their commercial operations, but also in order to protect their customers.

This increase in the use of connected devices has also led to a range of cyber security risks for enterprises themselves. As the lines between personal and work related use of these devices continue to blur, we’re seeing more cybercriminals target the personal connected devices of employees, as well as office devices, in attempts to infect entire organisations.

One of the most used types of IoT cyber security incidents is known as Distributed Denial of Service (DDoS) attacks. These are attempts to make an online service unavailable by overwhelming it with traffic from multiple comprised devices. DDoS attacks are becoming increasingly common globally. According to our latest annual Telstra Cyber Security Report, 59 per cent of Australian businesses and 43 per cent of Asian businesses have experienced a DDoS attack on at least a yearly basis.

In 2016, the website of cyber security writer and blogger, Brian Krebs, was on the receiving end of a DDoS attack that used IoT devices, including CCTV cameras, Digital Video Recorders (DVRs) and routers designed to take the site offline. We’ve also seen similar cyber attacks using devices like children’s toys and household appliances to create IoT botnets capable of inflicting significant damage.

What we’ve learnt from these high-profile DDoS attacks is that part of the reason they are so popular with cybercriminals is they’re very low cost to launch. They are also easy to access, which means that anyone from experienced cybercriminals to disgruntled customers and employees can attack any business at great ease.

The good news is that everyone can take precautions to prevent their IoT devices from being hijacked by malware and used in DDoS attacks. By purchasing these devices from reputable manufacturers that provide regular security updates, you will help your business will help protect itself against cyber security attacks. Here are some other useful ways that you can avoid DDoS attacks:

  • Update administrator usernames and passwords to become strong and unique.
  • Disable remote access to your devices and block/close unauthorised access using the following protocol ports but not limited to: SSH (22), Telnet (23) and HTTP/HTTPS (80/443).
  • Perform updates/patching and review changes in features and settings on a regular basis for IoT as per any other computer on your network.
  • Ensure staff responsible for Electronic Security and Physical Security are educated on the precautions required when purchasing and deploying security devices such as IP-enabled surveillance cameras.

Telstra Cyber Security Report 2017

Telstra commissioned Frost and Sullivan to survey 360 senior IT leaders and C-suite executives across Australia and Asia to explore the current cyber security landscape and inform businesses how to best manage and mitigate their cyber risks. To download a full copy of the 2017 Cyber Security Report, click here.

Tags: IoT,

Rise of the machines foreshadowed in new report

CES2016: Why your customer service weak spot is your competitor’s sweet spot

How to make a city smart - IoT Challenge

Cyber-attacks: it’s not all doom and gloom for businesses

Business and Enterprise

Posted on April 3, 2017

4 min read

There’s no doubt that cyber security attacks are on the rise here in Australia. According to our latest Telstra Cyber Security Report, attacks have almost doubled in the last year, with almost 60 per cent of organisations experiencing a business impacting security incident at least once a month.

The picture in Asia is not vastly different. Like Australia, more than half of businesses in the region detected a business impacting security breach on a monthly basis. Of these, phishing email attacks were the most common, with over 30 per cent of organisations experiencing these attacks at least monthly.

As sobering as this sounds, the reality is that this is the new normal for organisations navigating their way through today’s evolving digital environment. The rapid growth in the number and variety of connected devices and applications, like the Internet of Things and virtual cloud environments, has led to an increase of unprecedented security challenges for businesses.

But the truth is, cyber security is just like any other business risk and can be managed. When it comes to preventing, and mitigating these risks, it’s critical that this is done by the same group of people who would make decisions about any other major threat to the business – the C-suite.

The good news is that the growth in cyber-attacks and incidents across the world in the last few years has resulted in heightened awareness of the business impacts such risks can have. In turn, we’ve seen C-level executives take a more active role in cyber security through increasing their involvement in security initiatives and taking more responsibility when incidents do occur.

Our study shows that’s two out of three C-level executives in Australia and Asia have high or very high involvement in their cyber security initiatives. For us, this is a great indicator that cyber security is now recognised as an all-of-business issue, not just an IT issue.

One of the most effective initiatives for overcoming cyber security threats is collaboration. Typically, organisations have worked in isolation to tackle cyber security threats however we’re now seeing businesses work with each other, as well as the government and communities, to share threat information and tips on how to manage incidents.

Another welcome finding of our study is that organisations within Australia and Asia are increasing investment in IT security spending to combat cybercrime. Almost half of Australian organisations indicated that they will increase this spending by over 10 per cent within the next year.

We’re particularly pleased to see this because taking advantage of new technologies requires a willingness to invest in people, process and technology appropriate for today’s security environment. Organisations must continue to invest appropriate security solutions and initiatives in order to reap the benefits of innovative technologies as they emerge.

Being in the know

Managing and understanding cyber security risks can be complex. We’ve developed and used ourselves Telstra’s Five Knows of Cyber Security to help leaders understand the risks and what they mean for both the business and customer. Once you’ve considered these questions you will be in a much better position to effectively assess and manage the risk.

1. Know the value of your data
2. Know who has access to your data
3. Know where your data is
4. Know who is protecting your data
5. Know how well your data is protected

Telstra Cyber Security Report 2017

Telstra commissioned Frost and Sullivan to survey 360 senior IT leaders and C-suite executives across Australia and Asia to explore the current cyber security landscape and inform businesses how to best manage and mitigate their cyber risks. To download a full copy of the 2017 Cyber Security Report, click here.

Stay security smart while On the Move

Phishing scams: Be suspicious of emails wanting personal information

Telstra Cyber Security Report 2014