The threats posed by cybercrime have significantly evolved over 2022. Cybercrime continues to pose a global threat to economic and social prosperity, causing wide-ranging harm to its victims and broader society. This includes financial losses, emotional and psychological impacts, and the disruption of essential services.
Cybercriminals are resilient, opportunistic and borderless. While cybercriminals are increasingly sophisticated in how they pursue their illicit activities, advanced technologies, anonymising, and darknet marketplaces also mean it takes less skilled actors to engage in cybercrime.
Five key takeaways should be addressed by looking at what we know about cybercrime throughout 2022.
1. Lack of communication with employees
Employees are generally unaware of an organisation’s cyber controls and information security practices. They take little or no ownership of the issue.
2. Outdated ICT
Outdated IT hardware and software platforms are everywhere. Many organisations or individual users probably do not know whether their systems are outdated or current. This level of ignorance is a risk.
3. Lack of IS risk assessment
Failure to undertake a risk assessment of security systems and practices. Many organisations or individuals do not know the top five information security risks within their organisation, nor how or if they are being managed.
4. Cloud services not understood
Data assets usage, sharing or storage unknown. Ask an executive where their data is stored, and they’ll probably refer to the ‘cloud’ or name a SaaS provider. That’s only saying who they have passed the responsibility to, not actually the address or storage system holding masses of PII data.
5. IT role not understood
Information security is seen as an IT issue. However, it’s not the IT systems themselves that are the issue; it’s the people using them. Users who are uninformed and untrained are often one of the top five information security risks of an organisation.
When dealing with cyber security risk, there is no simple answer. Treat these five risks as a priority for 2023.
Include the following:
For further information or advice, please get in touch with ADIA at 0460 012 092 or ADIA’s Quality Consultant, Norine Cruse, at 0418 541 041.
Source: Securely Done (Jan 2023)