Secure your business

Cyber resilience: Managing risk in a digital world

Highlights
  • 59% experienced a distributed denial of service attack on at least a yearly basis.*
  • 30% experienced a business email compromise on at least a monthly basis.*
  • 26% experienced a malware/virus outbreak on at least a monthly basis.*

Smart businesses understand that cyber security means more than firewalls and encryption, it’s about people.

Understanding risk and managing it is essential for any successful business. This credo is especially crucial when doing business in the digital economy, in which technology, consumer behaviour and work practices are in a continual state of flux.

Man working in data server space

People-first approaches to managing your cybersecurity risks are vital to operating in today’s changing landscape. The Telstra Cyber Security Report 2017: Managing Risk in a Digital World, sets out the risks organisations face and offers guidance on managing those risks.

To help manage risk, Telstra has developed the “Five Knows of Cyber Security” – five simple questions for leaders to ask of their organisation. These questions shift the conversation from one that is purely  technical to one that engages the entire C-suite.

  1. Know the value of your data
  2. Know who has access to your data
  3. Know where your data is
  4. Know who is protecting your data
  5. Know how well your data is protected

However, even businesses that have had consistent executive engagement in the past will need to reappraise their approach to cyber security.

“Companies need to progress from layering security controls on top of their technology architectures and business and commercial processes, to embedding cyber security and integrating it into their business model,” the report explains.

“The key is to integrate cyber resilience into enterprise-wide management and governance processes.

“The companies that do this most aggressively will not only reduce their risk, but also increase their operating efficiency and improve their value proposition with customers.”

Ensuring deep organisational compliance

The threat of cyber attacks is neither theoretical nor limited to companies of any particular size or industry. More Australian organisations of all kinds are experiencing cyber attacks than ever before.

The heightened awareness of cyber security breaches and their impact on business have led to CEOs taking a more prominent role in cyber security. However, the report urges deeper security engagement across the business.

Sales, marketing, HR, internal auditing and legal affairs teams are often the most deeply engaged with an organisation’s data but generally have limited direct involvement with security initiatives.

“This demonstrates the need to improve communications and engagement across the silos within the business to ensure that the right business and security engagements are in place,” the report urges.

The report also recommends cyber security awareness training for staff and developing and enforcing social media and email handling policies within the organisation.

“The risks associated with staff and contractors using email or social media cannot be underestimated, where private and sensitive company information may be exposed due to malware infections or shared inappropriately,” the report says.

Security in a ‘perimeter-less’ world

Today’s organisations live in a ‘perimeter-less’ world. Those clearly defined physical boundaries in which IT infrastructure was housed have been pushed out, blurred, transformed and in some cases erased. It is critical that as a first step, organisations need to gain visibility of their assets.

The rapid adoption of cloud services, while delivering considerable agility and portability, presents security challenges. More than half of Australian organisations that have adopted cloud services consider data theft their number-one risk.

Mobile malware is expected to take over traditional malware as the popularity of mobile devices increases. Traffic from wireless and mobile devices is expected to account for 66 per cent of total internet protocol traffic by 2020.

The rise of mobile applications and cloud-based environments also mean there is a heightened risk of malware spreading throughout an organisation’s IT environment from sources not directly managed by the IT department.  

Given the multiplicity of threats and the emergence of new vulnerabilities, the question is how to know and prioritise addressing vulnerabilities.

Regular testing and review of incident-response plans are recommended to reduce recovery times and the impact to business continuity.

When conducting business in the digitised world, integrating cyber-resilience into all aspects of the organisation and connected third-parties is imperative.

“Cyber security is everyone’s responsibility and it needs to be built into the DNA of the organisation,” the report concludes.

“How well organisations respond to this challenge may well be an indicator of how successful they will be in the future.”

Learn how to proactively defend your business, brand, infrastructure and information assets against internal and external threats, with the Telstra Cyber Security Report 2017.

Learn more

*Telstra Cyber Security Report 2017: Managing Risk in a Digital World    

Related News

Choosing the right network partner
Reach global markets
Reach global markets
Choosing the right network partner

You need a trusted network partner to support your business’ growth. We look at the questions you need to find that partner. An effective digital strategy is a prerequisite for...

Think as one: Bringing your cloud and network together
Optimise your IT
Optimise your IT
Think as one: Bringing your cloud and network together

When your underpinning network and cloud foundation work as one, the promise of innovation can become a reality. Learn how to converge your network and cloud. Together, the ne...

A woman using virtual reality headset
Secure your business
Secure your business
The future of security: Threats, trends and investments

From rising budgets to machine learning, we look at the future trends changing the Australian security landscape. With the security landscape continuing to grow more complex, w...

Better together: Electronic and cyber security convergence
Secure your business
Secure your business
Better together: Electronic and cyber security convergence

Aligning your approach to physical security devices with your cyber security strategy is giving Australian organisations greater visibility over their security estate. Across A...