There is no doubt that the pandemic has catapulted cyber threats to the top of organisations’ business risks list.
Almost 75 per cent of Australian businesses experienced as many as ten cyber incidents or breaches over the last year – the ACSC saw a 13 per cent increase in the cyber incidents reported.
Aussie SMBs were particularly impacted: of the 65 per cent that suffered a cyber incident, two out of three said it cost their business $645k or more.
Businesses have invested in digital technologies that have produced complex IT systems with a huge number of interconnections, and as a result, produce more data than ever – aka hackers’ gold.
They also have to secure a much more mobile, hybrid staff whose digital identities represent extra doors through which hackers can sneak in.
The problem is not a lack of investment in cybersecurity but rather common mistakes that organisations keep making with their cybersecurity strategies.
Common mistakes Aussie organisations keep making
Network monitoring and alert overload
Network monitoring is an important part of any cybersecurity strategy. Most organisations today have a monitoring tool in place to help prevent breaches, but the way they set it up often overloads the system and employees with alerts, resulting in less efficiency.
When there are too many alerts, people tune them out. One of our customers repeated the same actions every two minutes: when a system became unavailable, they’d get an email alert – even when it was only down for a minute. Every two minutes after that, the network monitoring tool kept emailing. People got so used to it that they started ignoring the alerts.
Digital identities’ importance underestimated
With hybrid working now the norm and most operational processes happening online, every user trying to access a company’s system has a digital identity that needs to be protected. Many organisations prioritise external protections and forget how essential it is to authenticate users’ digital identities through proper credentials.
With hundreds, sometimes thousands of users accessing the organisations’ various systems and applications, organisations can’t afford to leave digital identities unverified or unmonitored – it takes only one to create a major security gap.
Third parties ignored
Network monitoring and digital identity protection can only be effective if they include every user the organisation has to deal with, including third parties such as clients, partners and suppliers.
Any single user that is not monitored on the network or verified through appropriate identity credentials is as much of a risk as an internal employee. An open door represents a security gap no matter who left it open.
Three tips for smarter, more effective protections in 2022
Find breaches fast
With a modern network monitoring tool, it is easy to set up email notifications and alerts for changes to the configuration of network devices and audit configuration against defined policies to identify potential threats.
And to avoid alert overload, follow the wise adage “less is more”. Make sure emails only go out when someone needs to log in and do something. Emails from the monitoring system that don’t require anyone to log in and act should be considered spam, and the system needs to be reconfigured.
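One way to express this rule in code, as an added example that is not from the article or any particular monitoring product: an alert goes out only when a host has stayed down past a grace period, and only once per outage. The class and function names, the 120-second grace period and the probe data are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

GRACE_SECONDS = 120  # assumed threshold: shorter outages need no human action


@dataclass
class AlertGate:
    grace: int = GRACE_SECONDS
    down_since: dict = field(default_factory=dict)  # host -> time of first failed probe
    notified: set = field(default_factory=set)      # hosts already alerted for this outage

    def observe(self, ts, host, is_up):
        """Return an alert string if someone must act now, else None."""
        if is_up:
            # Recovery needs no action, so it resets state without sending mail.
            self.down_since.pop(host, None)
            self.notified.discard(host)
            return None
        start = self.down_since.setdefault(host, ts)
        if ts - start >= self.grace and host not in self.notified:
            self.notified.add(host)
            return f"{host} down since t={start}s, action required"
        return None


def naive_alerts(probes):
    """The overload pattern: one email for every failed probe."""
    return [f"{host} down at t={ts}s" for ts, host, up in probes if not up]


def gated_alerts(probes, grace=GRACE_SECONDS):
    """Run the probes through AlertGate and collect the emails it would send."""
    gate = AlertGate(grace=grace)
    alerts = (gate.observe(ts, host, up) for ts, host, up in probes)
    return [a for a in alerts if a]


# Constructed probe results: (seconds, host, is_up), polled every 60 s.
SAMPLE_PROBES = [
    (0, "web-01", False), (60, "web-01", True),    # one-minute blip
    (0, "db-01", False), (60, "db-01", False),
    (120, "db-01", False), (180, "db-01", False),
    (240, "db-01", False), (300, "db-01", True),   # real outage, then recovery
    (360, "db-01", False), (420, "db-01", False),
    (480, "db-01", False),                         # second outage
]

if __name__ == "__main__":
    print(len(naive_alerts(SAMPLE_PROBES)), "emails without gating")
    for line in gated_alerts(SAMPLE_PROBES):
        print(line)
```

On the constructed data, the ungated approach sends nine emails while the gate sends two, one per real outage, and none for the one-minute blip.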
Proactively monitor the network for suspicious activity before the breach has occurred
This can be done by choosing a network monitoring solution that offers complete visibility over the status of network devices, systems and applications, and lets you see everything in context. The insight will detect unusual usage that could indicate a security issue.
We’re working with a client in the financial services space that previously took at least 20 minutes to identify the cause and the location of a problem, and only after a call was received. Now, using a more effective, proactive network monitoring tool, they can instantaneously view where the problem occurs and take necessary action in a much timelier manner.
Protect digital identities
It is vital the network monitoring solution used shows all the network elements, how they are configured and used, and most importantly, by whom.
Every user transiting through the organisation, whether employees or third parties, needs to be protected with tight credentials based on user identity and strong authentication.
Avoiding common mistakes and focusing on these three priorities is a simple adjustment to make, and one that can make a real difference in Australian organisations’ level of cyber protection in 2022.