Importance of Cyber Security

Cyber security is about protecting your technology and information from accidental or illegal access, corruption, theft or damage.

It is important for businesses to protect their digital information which they create and store as well as information collected from consumers and clients. Providing a secure system is critical to protect businesses from cybercrime and to build and maintain a client’s trust in your business.

Cyber-attacks can happen through criminals who are looking to access information and data in  businesses relating to employees and customers. They might do this by theft or unauthorised access to hardware, computers and mobile devices, infecting your computer with malware (such as viruses), attacking your technology or website, spamming you with emails containing malware etc.

One of the ways a business can protect their information is through the use and knowledge of Australian Cyber Security Centre which was created by the Australian Government to improve and protect cyber security.

The function of the Australian Cyber Security Centre

The Australian Cyber Security Centre (ACSC), is the successor to the Cyber Security Operations Centre and is the Australian Government’s lead agency for cyber security. Stemming from the recommendations of the 2017 Independent Review of the Australian Intelligence Community, the Prime Minister at the time, Malcolm Turnbull, announced that the role of the ACSC would be strengthened and that the Prime Minister’s Special Adviser on Cyber Security, Alastair MacGibbon, would assume the responsibilities as the Head of the Centre.

The role of the ACSC is to:

• respond to cyber security threats and incidents as Australia’s computer emergency response term (CERT);
• collaborate with the private and public sector to share information on threats and increase resilience;
• work with governments, industry and the community to increase awareness of cyber security; and
• provide cyber security information, advice and assistance to all Australians.

The ACSC leads the Australian Government’s efforts to improve cyber security. The ACSC monitors cyber threats across the globe 24 hours a day, seven days a week, in order to alert Australians early on as to what they can do if they are at risk of a cyber-attack.

The ACSC includes staff from the:

• Australian Criminal Intelligence Commission;
• Australian Federal Police;
• Australian Security Intelligence Organisation;
• Australian Signals Directorate; and
• Defence Intelligence Organisation

Mitigation Strategies

While there are no set of mitigation strategies that will guarantee protection against all cyber threats, the ACSC have developed mitigation strategies to help cyber security professionals in all organisations to assist with mitigating cyber security incidents caused by various cyber threats.

Prior to implementing any of these mitigation strategies, organisations need to identify their assets and perform a risk assessment to identify the level of protection required from various cyber threats.

A few practical areas that can help organisations mitigate the threat of cyber security incidents include mitigating risk around business emails and industrial control systems.

Business Email Compromise

Business email compromise involves adversaries using social engineering or targeted cyber intrusion techniques to abuse the trust in the target organisation’s business processes with the usual goal of committing fraud. Some examples of fraud include conducting unauthorised transfers of money or obtaining personal details to commit tax fraud.

Mitigation guidance for business email compromise includes:

• Educating employees around:
  • who can perform money transfers and how to look out for certain emails that are scam emails;
  • avoiding publicly disclosing the contact details of other employees and themselves.
  • blocking spoofed emails by using Sender Policy Framework or Sender IDs to check incoming emails and to reject emails that have the organisation’s domain as the email sender but do not originate from email servers approved by the organisation; and
  • avoiding registering domains that look very similar to the organisation’s domain when letters such as ‘I’ and ‘o’ are replaced by digits such as ‘1’ and ‘0’.

Industrial Control Systems

Industrial control systems leverage operational technology (OT) environments, which include components such as electronic sensors as well as systems such as networked computing hardware. This equipment is often used to monitor or control industrial equipment typically to support operational reliability and safety functions.

Mitigation guidance for industrial control systems, such as OT assets including supporting computers etc which are critical to the organisation’s ability to deliver essential services includes:

• restricting network connectivity with IT environments and with the internet where possible;
• ensuring that only authorised code can be introduced to OT environment and run, by controlling removeable storage and media and connected devices, implementing application control where possible, and considering the use of code signing; and
• using vendor-supplied applications and operating systems, and patch associated security vulnerability in a timely manner as soon as possible.

Lavan comment

There are many mitigation strategies that can be implemented to protect the cyber safety of your organisation. The concept of allowing only approved applications or network communications is a key theme of the mitigation strategies initiated and recommended by the ACSC.

If you or your business organisation would like further advice or assistance on how you can best protect or minimise any risk with respect to your technology and information of your business, please reach out to Iain Freeman or Kristy Yeoh.