Key Targets for Cybersecurity in 2021

Key Areas to Target Your Cybersecurity Upgrades for 2021

-Cybersecurity, and especially cybersecurity in 2021, is one of those things that is never completely done. Threats continue to evolve each year, which requires Brisbane area businesses to evaluate their IT security and where upgrades may be needed to keep up.

According to the Australian Cyber Security Centre, there is now about one cybercrime report made every 10 minutes in Australia. Criminals of cybersecurity in 2021 continue to find more efficient ways to release ransomware, spyware, and other threats. Plus, they are beginning to run attacks like a huge criminal enterprise.

The average cost of a data breach is AUD$5.03 million.

Companies that want to stay resilient need to continue evolving their IT security strategy to protect against new and emerging threats. Having strong cybersecurity safeguards is vital to continued business continuity.

Where should you focus your security efforts in 2021? We’ve looked through reports on emerging threats (Sophos 2021 Threat Report) and where small businesses are planning to increase cybersecurity budgets this year (McKinsey’s 2021 security spending report) to bring you an IT security upgrade roadmap.

These are the places you need to reinforce to keep your business protected from cyberthreats this year and beyond.

Ransomware Protection

Ransomware is a top threat noted in the Sophos report. Attackers are finding ransomware more lucrative than ever, and the practice is becoming a major money maker of large underground criminal cartels.

With this organised backing, attacks have been made more efficient. Some that took days or weeks to carry out now only take a few hours.

Approximately 67% of organisations in Australia have suffered a ransomware attack in the last 12 months, which is 10% above the global average.

Some of the ways to improve protection against ransomware, which largely comes in via phishing email, are:

  • Employee cybersecurity awareness training
  • DNS filtering to block dangerous websites
  • Strong email security settings in apps like Microsoft 365
  • Email and spam filtering
  • Monitored antivirus/anti-malware

Endpoint Management & Cybersecurity in 2021

In the report on where large and small businesses are planning to spend more on cybersecurity in 2021, both were planning endpoint security enhancements.

With the workforce being scattered due to the pandemic, businesses now have devices used for work located in several employee homes and potentially on less secure Wi-Fi networks.

Do you know which computers and mobile devices are accessing your business data at any time? What happens when a remote employee quits suddenly and goes to a competitor? Can you immediately revoke their data access?

Endpoint management is vital for data security. It involves using an application such as Microsoft Intune to secure all business data being stored on and accessed by any device.

With endpoint management, you can:

  • Remotely grant or revoke access to business data
  • Keep devices updated with security patches automatically
  • Monitor which devices are accessing your business data
  • Remotely lock or wipe business data from a device

Cloud Security & Identity Management

Both the threat and spending report note that cloud security and identity management are becoming big areas of risk for companies.

With most busines data and work processes now in the cloud, attackers are increasingly going after cloud accounts, and the easiest way for hackers to breach them is through a compromised user login.

Approximately 77% of cloud account breaches are due to compromised login credentials.

Some of the ways you can improve your cloud and login security are:

  • Use multi-factor authentication (MFA) with all logins
  • Use of a single sign-on (SSO) application
  • Password management app to ensure strong user passwords
  • Use of advanced authentication, such as geo-based
  • Use of the Rule of Least Privilege 

Zero-Trust Network Cybersecurity in 2021

Firewalls have been around for decades as a way to keep networks secure, but they continually gain more features to keep up with emerging threats.

For example, one of the growing threats is fileless malware, which is very difficult for traditional systems to catch because there is no malware file involved. Fileless malware sends malicious command to a legitimate operating system process, such as Windows PowerShell.

A new model for firewalls and network security is called Zero-trust. This means that instead of trying to identify the “bad guys” and keep them out of a network, your security is set up with a list of who the “good guys” are, and to keep everyone else out by default.

Zero-trust also includes sophisticated strategies such as application ringfencing, which designates which applications can interact with other system applications and how they can interact. This helps prevent PowerShell from executing malicious commands that it may have been given through fileless malware.

Get a Full Audit and Get Ahead of Your Planning for Cybersecurity in 2021

Are you interested in learning more about cybersecurity in 2021? Connected Platforms is a dedicated business IT solutions provider and will work with your business to put effective systems in place to keep your entire team connected and productive. Call us anytime on (07) 3062 6932 or book a coffee meeting today and see how Connected Platforms can help you!

More blog posts

How to create secure passwords

How to create secure passwords

Weak passwords are one of the biggest security risks to your business.
Why?
Because cyber criminals are getting smarter than ever before. If they manage to crack just one password, they could gain access to your sensitive business data, financial information, or even gain control of your entire system.
Cyber criminals use automated tools to guess passwords, allowing them to try out millions of combinations in seconds. So, if you’re using something like “Password123” or “CompanyName2025”, you’re practically handing them the keys to your business.
A compromised password can lead to big issues, such as:
• Data breaches
• Financial losses
• Identity theft
• Reputation damage
But how do you create strong passwords without driving yourself (and your team) mad?
Think of your password like a secret recipe, where only you should know the ingredients. It should:
• Be at least 14 characters long (the longer, the better)
• Include a mix of uppercase and lowercase letters
• Contain a few numbers and symbols (like @, $, %, or &)
• Not contain any common words or easily guessable information (like birthdays, names, or the word “password”)
Instead of using a single word, you could try a passphrase – a short, random sentence that only you would understand. For example, instead of “Sailing2025”, try something like “Coffee&CloudsAreGreat9!”. This is much harder to crack, yet still easy to remember.
You should also steer clear of these common mistakes:
• Using personal info (your name, birthday, business name, etc.)
• Reusing the same passwords across multiple accounts
• Using simple sequences (“123456” or “abcdef”)
• Storing passwords in an easily accessible place (like a sticky note on your desk)
If remembering unique passwords for every account sounds impossible, there is another option: Password managers. These generate strong passwords, store them securely and autofill them for you.
With a password manager, you only need to remember one strong master password for the manager app itself. The rest are encrypted and stored safely, reducing the risk of data breaches.
Even the strongest password isn’t foolproof, which is why multi-factor authentication (MFA) is also important. MFA requires a second form of verification, like a one-time code sent to your phone or generated from an authentication app.
If you have employees accessing your business systems, it’s a good idea to have a password policy in place to explain your rules and why they’re important. This should include:
• Unique passwords for each system and account
• Regular security training on password best practices
• Business-wide use of MFA for critical systems
• Scanning for compromised passwords regularly
By making password security a priority, you can reduce the chances of a cyber attack creating a nightmare for your business.
And if you need help making your business more secure, get in touch.

Beware these common ‘malvertising’ attacks

Beware these common ‘malvertising’ attacks

Ever clicked an online ad and wondered afterwards if it was a scam?… most of us have – and cyber criminals want us to keep doing it. Here’s what to look out for to stop your business’s data (and profits) falling into the wrong hands…

Call Now Button