Globally, we are seeing a rising trend of app-centricity. There are apps within apps today where everything is connected and apps are digitalising everyday tasks — ‘buy now pay later apps’ have taken over the Australian retail scene and shifted online shopping. UbiPark in Melbourne directs consumers to free city parking spots which combats congestion, while Osko and Beam It allow for data payments to be made in real-time.

Moreover, we can now sign into different apps with our existing Google or Facebook accounts, without having to create new log-ins. While these features provide a fuss-free experience without the need of reinserting information and remembering passwords, this has also come at a price in terms of privacy and application security.

With increases in ownership of multiple connected devices in the home, millions of weak spots have also been created. Connected devices provide attackers with a larger surface area to strike, which is compounded because they often contain confidential information that points to personal assets.

The ongoing challenge lies in the fact that consumers demand convenience, which results in greater app usage. 46 per cent of Australian consumers use online shopping and retail apps because they are convenient. This is a key factor attackers rely on to exploit sensitive data.

In fact, there has been a progressive increase in the level of sophistication and stealth in which cybercriminals now operate to attack companies, governments, and consumers. Family Planning NSW was recently hit with a cyberattack which exposed and compromised the personal information of up to 8000 clients. These incidents highlight the need for businesses to ensure they have adequate technologies in place to prevent such attacks from occurring.

Cyberattacks are increasing and punishing businesses

Cybersecurity is of ongoing concern today, especially in Australia. DDOS attacks are increasing by 25 per cent each year, with the arrival of IoT botnets being a major source of attacks. Cybercriminals are expanding their scope to target a greater number of industries, with an 11 per cent increase in non-traditional sectors experiencing malicious activity in 2017.

Businesses, both small and large, must respond, or they could risk tarnishing the company’s reputation, leading to potential financial losses. Over 63 per cent of consumers would stop buying from a business that fails to adequately protect their data. As businesses and technologies evolve to face new security threats and increased network traffic, it is paramount that their networks are agile and configured to adapt quickly.

While not every cyberattack is preventable, businesses can minimise losses and unexpected downtime with a proactive security approach that will enable them to identify threats before they escalate. This will also provide them with visibility into mitigating future problems.

The rise of mobile malware attacks

The proliferation of apps has meant workspaces are no longer confined to the traditional four office walls. Digital workers today are increasingly demanding remote access and this includes sensitive company information.

While this practice of accessing confidential documents and databases via personal devices is popular and well-established, it does pose a significant risk to the security of a business. This is very much the case in Australia, where 48 per cent of Australians frequently use their personal mobile devices in the workplace to access emails.

Consequently, mobile malware is evolving in sophistication at an alarming rate and often spreads because users unwittingly download applications cyber criminals have deliberately infected. At least 34,000 Australians have been affected by 63 data breaches since February of this year when it became mandatory for organisations to report breaches that could cause serious damage to the privacy watchdog.

In the face of such threats, businesses have to take measures to reduce the likelihood and effect of such attacks. The first step is to install security software on business computers and devices, and ensure it includes filters such as antivirus, anti-spyware and anti-spam. This, along with a firewall, should help protect internal networks and portable business devices.

Cyber security inertia is leaving businesses vulnerable

The presence of cyber security inertia in Australia is rendering businesses vulnerable to attack. According to the CyberArk Global Advanced Threat Landscape Report 2018, 46% of Australian IT security professionals admitted to not updating or changing their security strategy, even after a cyberattack had occurred.

Cyber security inertia is preventing Australian businesses from learning from their mistakes, leaving them more vulnerable to cyber-attacks. This stems from a culture that fails to prioritise security. While Australia may be one of the most advanced regions in the world, some organisations have been slow to pick up the pieces after experiencing a cyberattack.

Businesses need to make cybersecurity a top priority by clearly communicating their security policies, educating their employees on how to detect potential threats of cyberattacks, and what to do when faced with such attacks. This can be achieved by incorporating cybersecurity into an employee’s ongoing training and education curriculum.

In order to test if employees have put their knowledge into practice, regular cybersecurity drills can be conducted to test readiness. Instilling ‘secure behaviour’ such as always using the company-provided VPN whenever connecting, avoiding access of sensitive information over public WI-FI networks, and regular changing of passwords, will go a long way in preventing unintended and accidental data breaches.

Businesses should not wait until a cyber-attack has occurred to implement cybersecurity measures. Adequate application technologies need to be implemented in a proactive manner to avoid leaving businesses vulnerable.

Jason Baden is Regional Vice President, A/NZ, F5 Networks

More related stories

Opinion

New rules protecting data centres

The Australian Government is making tough calls around the technology supply chain.

Read more

Technology

People key to digital evolution

Australian organisations are leaning too heavily on the technology when they should be focused on people.

Read more