Within Subnet we always talk about, reference, and measure ourselves against our core values. Unlike many organisations I've been a part of, instead of pushing values down from the top we created our values by asking our team who we really are. Our team came back with the values of Being Valuable, Being Passionate, Being Responsible, and Being Part of the Community which really aligned to Subnet's 'Why' of - To Make a REAL difference, through our experience and our excellence.
This International Women's Day IWD (8th March) theme asks our workplace, our communities and each of us individually to take responsibility for our own actions and thoughts to #BreaktheBias. Whether deliberate or unconscious, the bias makes it difficult for women to move ahead in the industry. Knowing that bias exists isn’t enough, however, action is needed to level the playing field.
The Subnet Family has been working for many years to improve equality and diversity for all in the organisation, and over the last few years, we have made real advances. This year we are really kicking it up a notch, as the whole Subnet crew take it on ourselves to improve the level of equality not only for our business but throughout the entire technology industry in Australia.
September '21 had a lot going on in the land of Cybersecurity - seeing the release of 3 major vulnerabilities and exploit Proof Of Concepts (POCs) for Apple IOS (iPhone), Exchange Autodiscover, and VMWare vCenter Bad Packet. We'll go into some depth of these exploits, but I would like to first make an announcement.
In the previous blog, we analysed the key trends that emerged out of ACSC Annual Cyber Threat Report (2020-2021). To summarise, in the last financial year, ACSC reported an increase in the number of reported cyber crimes perpetuated by individuals, groups and state actors alike, including:
- Over the course of 2020 - 2021 financial year, the ACSC received over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year.
- The increase in volume of cybercrime reporting translated to one report of cyberattack every 8 minutes compared to one every 10 minutes reported in 2019 - 2020 financial year.
- Self-reported losses from cybercrime totalled more than $33 billion.
- ACSC received over 22,000 calls on the Cyber Security Hotline – an average of 60 per day and an increase of more than 310% from the financial year 2019 - 2020.
- A higher proportion of cyber security incidents reported in the financial year 2020 - 2021, was categorised by the ACSC as ‘substantial’ in impact.
They say hindsight is 2020, and in this case, we're glad that 2020 is behind us. Fires and Viruses and Explosions (oh my!). During the course of the (ongoing) pandemic Australians, businesses and individuals saw an increased dependence on the internet - Working from home, accessing information and staying in touch with colleagues, friends and family. We saw many people lose their jobs and certain sectors struggle with the change and others collapse entirely. Due to the increased reliance on the internet, we also saw an increased attack surface and an increase in cybercrime activity. On a year-on-year basis the ACSC saw an increase in cybercrime reports of 13%, totalling some 67,500 reported incidents, roughly translating to 1 attack every 8 minutes and impacting every business sector and government agencies at all levels. An important takeaway is these are only the events we know about. The pandemic saw an acceleration in Cybercrime, but also in the sophistication of the attacks. Subnet has been developing a defence in depth strategy in alignment to ISO27001, ISM & Essential 8, and NIST frameworks to help our partners develop and grow their security through a step by step maturity journey.
The ACSC report identifies a couple of key attack trends and threats as follows:
As the number of cyber attacks around the world continues to grow, organisations of all sizes, including not-for-profits, are faced with a very real threat. So, how prepared are you? According to ACSC Annual Cyber Threat Report July 2019 to June 2020, over 2,200 cybersecurity incidents were reported by Australian businesses between 2019 and 2020. While the majority of large companies have security strategies in place, there are still many smaller organisations who are yet to take the necessary steps to minimise their risk.
Unfortunately, many not-for-profits find themselves under-prepared, which can now directly impact getting grants or funding, as basic security measures are requested by many businesses and government agencies prior to providing funding.
The good news is that you don’t need big budgets and endless resources to tackle cyber security. There are plenty of simple and affordable steps you can take right now to protect your organisation.
Here are 7 top security tips that will minimise your risk today.
Australian organisations are increasing their spending on cybersecurity measures in response to the growing risk of cyberattack. Approximately $5.6 billion was spent on cybersecurity solutions in Australia during 2020, and that figure is anticipated to rise to $7.6 billion by 2024.
With the recent news on JBS Foods, the world's largest meat processing company, having fallen victim to a cyber-attack1 that led to a shutdown of its production facilities worldwide, the conversation on cyber-security and the steps that businesses need to undertake to ensure 'lights remain on' needs to be at the top of the stack. At Subnet, our focus continues to be on educating and implementing proactive solutions that secure businesses' IT operations from external threats and internal incidents. In this blog, the fourth in the series (see links to the previous in the footnote), we touch on the measures that businesses need to implement to secure employees working from home.
Welcome to part three of our five part blog series on Cybersecurity 2021. ICYMI (in case you missed it) here is the link to the first tow article, in the series:
With a cyberattack occurring every 39 seconds, organisations cannot afford to be complacent when it comes to cybersecurity.
Welcome to the second article in the five-part series on Cybersecurity 2021. ICYMI (in case you missed it) here is the link to the first article - Five signs that your organisation is at high risk of cyberattack - in the series.