Cyber Risk Leaders Magazine - Issue 4, 2021

Page 48

Cyber Security

Protecting company data in the event of a breach

T By Daniel Lai, archTIS CEO

48 | Cyber Risk Leaders Magazine

he Reserve Bank of New Zealand became the latest major organisation to suffer a serious and malicious cybersecurity attack in January this year when it’s third-party file sharing system was hacked. In its latest update on the event, RBNZ said the nature and extent of the breach was still being investigated, and that some commercially and personally sensitive information may have been illegally downloaded. Investigations into the attack were continuing, though the breach was said to be contained. RBNZ isn’t alone in its recent cybersecurity suffering. Just last year, the Australian Government was forced to respond to a breach which resulted in the details of thousands of MyGov accounts put up for sale on the dark web. Regis Healthcare, Melbourne TAFE and the Department of Home Affairs also faced major security breaches to their data systems in 2020. Unfortunately, in today’s cybersecurity landscape, it may only be a matter of time before your organisation falls victim to an attack too. Research by Accenture in its 2020 Cyber Threatscape Report found that the COVID-19 pandemic had resulted in businesses being increasingly exposed to opportunistic cyber threats, including phishing campaigns, discontinuity

of information security operations and long-term financial constraints. The report warned that the ongoing economic fallout as a result of the pandemic could create serious financial challenges for companies’ information security operations. Meanwhile working from home policies further exposed companies to cyberattacks, as employees relied on lesssecure home Wi-Fi routers and VPN connections to do their jobs rather than company infrastructure.

How can data be protected in the event of a breach? While New Zealand’s central bank hasn’t yet provided many details about the breach, it’s likely that the hacked thirdparty file sharing system was cloud-based. Most breaches of this type are generally caused by a compromised user account, via malware, phishing or by over-sharing, where an anonymous URL is shared without requiring the individual user to authenticate. In most security software and with many security policies, the login process is not robust enough to guarantee that a logged in user is who they say they are, in

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

TECH & SEC WEEKLY & MYSECURITY PODCAST

2min
pages 64-65

Culture Shift of IT security in agile world

8min
pages 60-63

Securing the modern workforce: Zero Trust in a SASE architecture

6min
pages 58-59

Container Forensics - What to do if containers get compromised

4min
pages 48-49

Big SaaS-pectations

5min
pages 44-45

Why your access control system could be compromising your security

4min
pages 42-43

How the disposable nature of tech is putting your businesses data at risk

3min
pages 40-41

Why 5G matters in a world of IoT, VR, AR, AI and Edge

7min
pages 32-35

How old school back-up is holding back the IT industry

3min
pages 46-47

Singapore FinTech Festival 2020

10min
pages 10-13

Make digital risk part of the board discussion

5min
pages 18-19

How to assess, report and minimise cyber risk

8min
pages 20-23

Education is Essential for ICS Cyber Security Preparedness

5min
pages 26-27

The case for vendors in public-private advisory committees

3min
pages 14-15
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.