Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Hacked: It could happen to you

Brian Karlovsky | Sept. 20, 2013
There are lessons to be learned from the Melbourne IT hack

Whitegold managing director Dominic Whitehand said the most prevalent threat was spear phishing, but that the most feared was advanced persistent threat (APT). He also likened hackers to drug cheats, alluding to the premise they would always be one step ahead.

"Organisations are facing APT's which are a whole new level of attack," he said.

"With APT's, the hackers are usually large, organised groups that have the wherewithal to usea wide variety of intelligence-gathering techniques to access sensitive information. The use of APT's is often referred to as 'Hactivism'."

He said APT's were a "massive, growing problem" and that recent cases had involved small businesses, including dentists and legal practices, being held to ransom with stolen patient of client information.

Websense managing director A/NZ, Gerry Tucker, said many companies had previously looked at security as just another compliance measure to tick off at minimum cost.

"We are now seeing organisations looking at security in a very different way," he said. "Modern companies today are those that are saying security is driving a competitive advantage."

Top 5 security practices
1. Awareness training is key. Ensuring that your staff have the right knowledge to protect themselves both at work and at home goes a long way to mitigating these attacks. - Kiandra IT's Daniel Weis

2. Speak to distributors who are knowledgeable in IT Security issues and who hold a good range of security technologies. Companies should also consider having some of their IT engineers/consultants (if they have any) trained to industry standards such as Certified Information SystemsSecurityProfessional[CISSP) and others. - Whitegold's Dominic Whitehand

3. Have a holistic approach to information security which includes the three dimensions: people, process and technology. solutions provider could best achieve this through complying to a standard such as ISO27001. - Southern Cross Computer Systems' Ashutosh Kapse.

4. The key is to ensure that a breach in one system will not be able to bring an organisation down on its knees as there will be other layers of protection. - IDC's Vern Hue

5. One of the major hurdles to IT security has always been funding. If companies start to plan and allocate budget for testing, and combine this with consistent review and improvements on the IT security side of the network, it will reduce risk and greatly improve their security stance. - Kiandra IT's Daniel Weis

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.