-Cybersecurity, and especially cybersecurity in 2021, is one of those things that is never completely done. Threats continue to evolve each year, which requires Brisbane area businesses to evaluate their IT security and where upgrades may be needed to keep up.
According to the Australian Cyber Security Centre, there is now about one cybercrime report made every 10 minutes in Australia. Criminals of cybersecurity in 2021 continue to find more efficient ways to release ransomware, spyware, and other threats. Plus, they are beginning to run attacks like a huge criminal enterprise.
The average cost of a data breach is AUD$5.03 million.
Companies that want to stay resilient need to continue evolving their IT security strategy to protect against new and emerging threats. Having strong cybersecurity safeguards is vital to continued business continuity.
Where should you focus your security efforts in 2021? We’ve looked through reports on emerging threats (Sophos 2021 Threat Report) and where small businesses are planning to increase cybersecurity budgets this year (McKinsey’s 2021 security spending report) to bring you an IT security upgrade roadmap.
These are the places you need to reinforce to keep your business protected from cyberthreats this year and beyond.
Ransomware is a top threat noted in the Sophos report. Attackers are finding ransomware more lucrative than ever, and the practice is becoming a major money maker of large underground criminal cartels.
With this organised backing, attacks have been made more efficient. Some that took days or weeks to carry out now only take a few hours.
Approximately 67% of organisations in Australia have suffered a ransomware attack in the last 12 months, which is 10% above the global average.
Some of the ways to improve protection against ransomware, which largely comes in via phishing email, are:
- Employee cybersecurity awareness training
- DNS filtering to block dangerous websites
- Strong email security settings in apps like Microsoft 365
- Email and spam filtering
- Monitored antivirus/anti-malware
Endpoint Management & Cybersecurity in 2021
In the report on where large and small businesses are planning to spend more on cybersecurity in 2021, both were planning endpoint security enhancements.
With the workforce being scattered due to the pandemic, businesses now have devices used for work located in several employee homes and potentially on less secure Wi-Fi networks.
Do you know which computers and mobile devices are accessing your business data at any time? What happens when a remote employee quits suddenly and goes to a competitor? Can you immediately revoke their data access?
Endpoint management is vital for data security. It involves using an application such as Microsoft Intune to secure all business data being stored on and accessed by any device.
With endpoint management, you can:
- Remotely grant or revoke access to business data
- Keep devices updated with security patches automatically
- Monitor which devices are accessing your business data
- Remotely lock or wipe business data from a device
Cloud Security & Identity Management
Both the threat and spending report note that cloud security and identity management are becoming big areas of risk for companies.
With most busines data and work processes now in the cloud, attackers are increasingly going after cloud accounts, and the easiest way for hackers to breach them is through a compromised user login.
Approximately 77% of cloud account breaches are due to compromised login credentials.
Some of the ways you can improve your cloud and login security are:
- Use multi-factor authentication (MFA) with all logins
- Use of a single sign-on (SSO) application
- Password management app to ensure strong user passwords
- Use of advanced authentication, such as geo-based
- Use of the Rule of Least Privilege
Zero-Trust Network Cybersecurity in 2021
Firewalls have been around for decades as a way to keep networks secure, but they continually gain more features to keep up with emerging threats.
For example, one of the growing threats is fileless malware, which is very difficult for traditional systems to catch because there is no malware file involved. Fileless malware sends malicious command to a legitimate operating system process, such as Windows PowerShell.
A new model for firewalls and network security is called Zero-trust. This means that instead of trying to identify the “bad guys” and keep them out of a network, your security is set up with a list of who the “good guys” are, and to keep everyone else out by default.
Zero-trust also includes sophisticated strategies such as application ringfencing, which designates which applications can interact with other system applications and how they can interact. This helps prevent PowerShell from executing malicious commands that it may have been given through fileless malware.
Get a Full Audit and Get Ahead of Your Planning for Cybersecurity in 2021
Are you interested in learning more about cybersecurity in 2021? Connected Platforms is a dedicated business IT solutions provider and will work with your business to put effective systems in place to keep your entire team connected and productive. Call us anytime on (07) 3062 6932 or book a coffee meeting today and see how Connected Platforms can help you!