Preparing for a cyberattack – by John Hines

Skills are front and center today with a jobs and skills summit in Canberra. With relations between Australia and a number of countries deteriorating, a shortage of cyber skills is threatening manufacturers. John Hines describes what can be done.

The cybersecurity skills gap in Australia is reaching unprecedented levels. The hunt for talented candidates is hotly contested and there are not enough experienced professionals to fill the number of job openings.

Reports have estimated that nearly 17,000 additional cybersecurity workers will be needed in Australia by 2026 and that current growth is not sufficient to fill the gaps in the medium term.

Take the Australian government’s huge investments in improving the cybersecurity capabilities of the Australian Federal Police and the Australian Signals Directorate, as well as the search for cybersecurity talent by the rest of government and private industry, and you get an idea of ​​how difficult it is for small businesses. medium-sized companies to compete

While efforts are underway to begin closing this gap, it will take time, and while we wait, the cyber threat to Australian businesses continues to grow.

What should be paid attention to?

Even with limited resources and a lack of cybersecurity expertise, there are ways organizations can help manage this risk.

Resources are available that can be a good starting point for security practitioners to seek data-driven, real-world views of what typically happens to businesses when it comes to cybercrime.

While not solving the current shortage of cybersecurity talent, understanding the most prolific threat actors and actions affecting assets can help inform IT and security teams where best to focus their resources and Their efforts.

For example, a record level of ransomware attacks are occurring right now – an increase greater than the last five years combined globally.

As organizations are now more aware of the reputational and financial risks that ransomware now poses, the sharp increase is a reminder that this method has proven to be the most effective route to financial gain for attackers.

While many of the underlying exploits have remained relatively constant over the past few years of the report, attackers are still able to achieve greater gains through social engineering, grassroots web application attacks, and hacking. system intrusion, which in the Asia-Pacific region accounted for 98% of breaches for organizations, according to research.

State-affiliated and nation-state actors with espionage motives were common in the Asia-Pacific region this year.

However, financially motivated crime remains the main threat actor, which has not changed over the past 15 years. Using stolen credentials is also four times more likely to be an access method than exploiting a vulnerability in this region.

Top Cyber ​​Threats for Manufacturing Companies and How to Counter Them

The manufacturing sector is a lucrative target for espionage, but it is also increasingly targeted by criminals through denial of service attacks, credential attacks and ransomware.

Manufacturing, with its buzz of machines producing the key components that make our modern lives possible, continues to be a popular target for cyber espionage – mainly due to recent indiscriminate supply chain attacks, which have become an increased means for malicious actors to gain access to a large and well-resourced target.

However, it has also become a lucrative target for financially motivated criminals looking to make a quick buck, and in fact, sensitive patterns and trade secrets are twice as likely to be breached in manufacturing breaches. than the rest of the industries.

There are a number of important steps businesses can take to reduce the risk associated with cyberattacks that don’t require the high-level skilled workers that are so hard to find today.

These are mostly quick and easy to implement things that could make all the difference, and things that organizations across all sectors should prioritize action on:

  • At the top of the list, any organization should implement two-factor authentication with all devices and apps and prevent reuse of all passwords.
  • The default credentials of the POS controller and other hardware and software should be changed, and all businesses should ensure that software updates are installed regularly and promptly.
  • And attackers target data and hold it hostage. Organizations must therefore identify, classify and securely manage organizational data in all its forms to prevent it from being exposed through email or misconfigurations. It is important to note that the correct classification of data will inform an impact assessment if the data is stolen/acquired.

It’s worth taking the time to audit and manage who has access to which accounts and if they really need access to that account. This is particularly useful for limiting the impact of brute force attacks and credential stuffing.

With evidence pointing to human error as a dominant trend implicated in 13% of breaches, it is also crucial that there is regular security awareness and skills training for all employees.

Human fallibility at all levels must be considered when considering cybersecurity – it is not just the domain of high-tech systems.

It is worth investing considerable effort in this aspect, because security is only as good as its least aware employee, and there is a world of cognitive risks that cybercriminals have at their disposal.

Closing the skills gap will take time, but in the meantime it is possible to focus on the primary ways in which cyberattackers will attempt to access data and systems with limited security teams.

John Hines is Head of Cybersecurity for Asia Pacific at Verizon Enterprise Solutions, where he leads a team delivering industry-leading security solutions to enterprises and governments in the Asia-Pacific region. John has also held various leadership positions at PwC, Trustwave and Cybertrust.

Photo: John Hines

Subscribe for free to our @AuManufacturing newsletter here.

Leave a Reply