Before we talk specifically about the The Australian Cyber Security Centre's (ACSC) recommended Essential Eight-cyber security mitigation strategy; let's put the situation in perspective.
Reports are continuing to reveal facts and stats on cyber security that are increasingly alarming for small and medium sized businesses (SMB's). There are more incidents and more dollars being lost than ever before. Let me take you through a few points.
Recently, The Australian Cyber Security Centre (ACSC) published the Small Business Survey Report: How Australian Small Businesses Understand Cyber Security. They received over 1700 responses. Some of the revelations from the survey are:
The latest Notifiable Data Breaches report indicates a rise in breaches (as reported under the guidelines for mandatory reporting). In the period July to December 2019, the main categories of reported breaches were:
The same report highlighted the top 5 industries being attacked the most:
It's no secret that I have a passion for auditing, analysing and developing & implementing strategies for cybersecurity mitigation. If I was to hone in on one 'go to' mitigation strategy, it would be the Essential Eight. It is a relatively easy to understand, 8 point strategy that in its whole, cover's all angles for cyber security.
The 8 essential points are under 3 distinct defensive lines:
Mitigation Strategies to Prevent Malware Delivery and Execution
Mitigation Strategies to Limit the Extent of Cyber Security Incidents
Mitigation Strategies to Recover Data and System Availability
The first and most blatant revelation here is that standard anitvirus software hardly gets a mention. An effective strategy is more behavioural and tangiable than it is digital and automated. And just like a business's physical premises needs a lot more than just locks on a door, a business's I.T. and data require many angles for effective cyber security.
If you have any concerns or ideas for your cyber security risk mitigation or even if you are not sure what you don't know, please give us a call for a no obligation discussion (on 02 4337 0700) or email me.
.....and here are some parting insights from the above mentioned ACSC survey.....
The most common barriers identified for small business owners to implement good cyber security practices are:
Tags: Services Security IT IT Consulting Networking Security Computer Software |