Tommy Shin, Chairman of Lateral
The 2020 Lateral INCITE Awards serves as a great example of how to successfully pivot from physical events, to virtual events. The quick thinking and adaptability of the organisers took the awards into new territory. Using digital technology to facilitate attendance, inclusiveness, presentation and collaboration. Not only did the event provide a platform for the Western Australian IT industry to gather online, but allowed participants to attend from around the world.
Digital Transformation quickly became a buzzword in a COVID world. Really this transformation to online has been happening steadily, but now we see a rapid acceleration.
It also has given Management, Shareholders and Stakeholders a reality slap in the face on how reliant we were on the traditional way of conducting business.
With all the advantages that come with that, there is unfortunately a darker side. An increasing digital presence undoubtably means an increased target for cyber-security attacks.
As technology improves so do the tools available to hackers and criminals. The attacks become more sophisticated. Average hackers with new tools become “good” hackers. The recently established government Australian Cyber Security Centre (ACSC) under the Australian Signals Directorate (ASD) conducted a survey of small business in June 2020.
There are 144 reports of cybercrime a day that is 1 every 10 minutes. The ACSC receives approximately $300,000,000 million per year estimated annual losses to cybercrime.
- 62% of respondents have experienced a cyber security incident.
- 80% cyber security as ‘important to very important’.
- 50% reported they spent less than $500 on cyber security per year.
Lateral has seen an unprecedented demand for cyber security audits and assessments from small retail stores to large national corporations on how vulnerable their software application is too malicious and/ or unintended leaks.
These days you need more than just a check that your firewall rules on your router are adequate or that you have an antivirus package installed.
For example, we provided application reviews for customers that highlighted issues such as:
- Credit card details being covertly stored and sent back to the original overseas developer.
- A security app targeted for children purporting high-grade security not encrypting chat messaging.
- Inadequately secured API allowing all user details and confidential information being extracted with a single call to the API.
- A password-protected database of patient, medical treatment data that we cracked with 5 minutes with easily available tools.
- A sophisticated Office 365 phishing email using hacked cloud services and unpatched servers in Canada.
- An application built for thousands of users crashing after less than one hundred due to bad and outdated coding practices.
Our list is much longer, but that gives you an idea of what’s out there. So, what can you do?
Well you wouldn’t shut your bricks and mortar store because you may get robbed.
So similarly, there are many things you can due to lower your risk, some easy, some more complex:
- If you have concerns or just want a review, get a cyber audit done. This is more than just hardware. Make sure it covers applications, especially any custom developed ones.
- There is a lot of information online. Checkout the guides put out by ACSC using data from the survey link above to develop guidance materials tailored to need of small businesses.
- Consider cyber insurance. We have high security skills and we still have it.
- Make sure you know the reporting requirements under the Australian Notifiable Data Breaches (NDB) scheme.
Possibly look at moving data or apps to the reputable cloud providers. They spend more on security they you ever will (or need too). If you are getting new software built, make sure the developer can spell out the security steps they are putting in place in somewhat plain English.
Digital transformation is a reality and there are undeniably many benefits to be gained. While there are risks, they can be effectively managed once you are aware.
And for anyone who remembers Hill Street Blues and times of doing business very differently… Article written by Tommy Shin, Chairman, Lateral
