Dynamic Business Logo
Home Button
Bookmark Button

Image Credit: FLY:D on Unsplash

Tips to address the most common cyber security mistakes to get ready for 2022

There is no doubt that the pandemic has catapulted cyber threats at the top of organisations’ business risks list. 

Almost 75 per cent of Australian businesses experienced as many as ten cyber incidents or breaches over the last year – the ACSC saw a 13 per cent increase in the cyber incidents reported.

Aussie SMBs were particularly impacted as out of the 65 per cent that suffered a cyber incident two out of three said it cost their business $645k or more

Businesses have invested in digital technologies that have produced complex IT systems with a huge number of interconnections, and as a result, produce more data than ever – aka hackers’ gold. 

They also have to secure a much more mobile, hybrid staff whose digital identities represent extra doors through which hackers can sneak in. 

The problem is not a lack of investment in cybersecurity but rather common mistakes that organisations keep making with their cybersecurity strategies. 

Common mistakes Aussie organisations keep making

Network monitoring and alert overload 

Network monitoring is an important part of any cybersecurity strategy. Most organisations today have one in place to help prevent breaches, but the way they are setting it up often overloads the system and employees with alerts, resulting in less efficiency. 

 When there are too many alerts, people tune them out. One of our customers repeated the same actions every two minutes: when a system became unavailable, they’d get an email alert – even when it was only down for a minute.  Every two minutes after that, the network monitoring tool kept emailing. People got so used to it that they started ignoring the alerts. 

Digital identities’ importance underestimated

With hybrid working now the norm and most operational processes happening online, every user trying to access a company’s system has a digital identity that needs to be protected. Many organisations prioritise external protections and forget how essential it is to authenticate users’ digital identities through proper credentials. 

With hundreds, sometimes thousands of users accessing the organisations’ various systems and applications, organisations can’t afford to leave digital identities unverified or unmonitored – it takes only one to create a major security gap.

Third parties ignored

Network monitoring and digital identities protection can only be effective if they include every user the organisation has to deal with, including third parties such as clients, partners and suppliers. 

Any single user that is not monitored on the network or verified through appropriate identity credentials is as much of a risk as an internal employee. A door open represents a security gap no matter who left it open. 

Three tips for smarter, more effective protections in 2022

Find breaches fast 

With a modern network monitoring tool, it is easy to set up email notifications and alerts for changes to the configuration of network devices and audit configuration against defined policies to identify potential threats. 

And to avoid alert overload, follow the wise adage “less is more”.  Make sure emails only go out when someone logs in to do something. Emails from the monitoring system that are sent and don’t require anyone to log in and do something should be considered spam, and the system needs to be reconfigured.     

Proactively monitor the network for suspicious activity before the breach has occurred

This can be done by choosing a network monitoring solution that offers complete visibility over the status of network devices, systems, applications and seeing everything in context. The insight will detect unusual usage that could indicate a security issue.

We’re working with a client in the financial services space that previously took at least 20 minutes to identify the cause and the location of a problem, and only after a call was received. Now, using a more effective, proactive network monitoring tool, they can instantaneously view where the problem occurs and take necessary action in a much timelier manner. 

Protect digital identities

It is vital the network monitoring solution used shows all the network elements, how they are configured and used, and most importantly, by whom. 

Every user transiting through the organisation, whether employees or third parties, needs to be protected with tight credentials based on user identity and strong authentication.

Avoiding common mistakes and focusing on these three priorities is a simple adjustment to make, and one that can make a real difference in Australian organisations’ level of cyber protection in 2022. 

Keep up to date with our stories on LinkedInTwitterFacebook and Instagram.

What do you think?

    Be the first to comment

Add a new comment

John Yang

John Yang

John Yang has been with Progress for close to three years, where he is currently the Vice President for the Asia Pacific and Japan (APJ) region. John has a wealth of experience in the technology industry, having worked for enterprise technology brands including HP and CA Technologies for over 25 years.

View all posts