Published on the 21/05/2013 | Written by Newsdesk
Australia’s Government has dubbed this National Cyber Security Awareness Week in a bid to encourage people to take the issue more seriously – seems we haven’t in the past…
Cyber security is hitting the hip pockets of a growing number of Australians with almost one in five having, or knowing someone who had, their money stolen online. A new survey commissioned by PayPal has found that 55 percent of respondents were not even sure how many websites held their personal information even though 23 percent had, or knew someone who had, their details stolen from an online site.
It’s this laissez-faire attitude that the Government wants to tackle with its Cyber Security Awareness Week.
But enterprises are also at risk – often through lax social media policies, or a failure to properly deploy security technology. A new survey of the Australian Information Security Association’s membership revealed that 90 percent believed the security measures available to enterprises are not being reliably deployed.
Government itself is also vulnerable. The Financial Review newspaper has recently detailed a series of attempts to breach the security systems of the Reserve Bank, the Australian Bureau of Statistics and the Government-owned NBN Co and also flagged high level talks with the US scheduled for this week about the growing incidence of targeted attacks.
But James Holley, leader for Ernst & Young’s Information Security Incident Response services, warned last week there is no guaranteed way of avoiding cyber attack. “If sophisticated and well-funded attackers target a specific environment, they will get in. In this rapidly-evolving threat landscape, information security professionals need to adopt the mindset that their network is already compromised or soon will be.”
With this in mind Ernst & Young in association with ISACA (formerly the Information Systems Audit and Control Association) has released what it describes as a ‘how-to’ book, called Responding to Targeted Cyberattacks, which is intended to provide organisations with some guidance as to the steps that an organisation should take when their security is compromised.
ISACA members can access a copy of the book free at www.isaca.org/cyberattacks while non-members can purchase a print or electronic version online.
