The importance of safeguarding data is making headlines across Australia due to several high-profile outages and Distributed Denial of Service (DDoS) attacks in recent months.
The Australian government has acknowledged the issue and, to tackle it, has placed cyber security firmly on the national agenda with the 2016 federal budget.
With Australia strengthening its defences against cyber attacks and making investments to educate the next generation of its ‘cyber army’, there is a lot of jargon and complex terms floating around – often unclear to many in the small business community.
But the threat of hackers and security breaches is very real, regardless of the size of the organisation. Entrepreneurs and business owners therefore must accept that a strong cyber-defence system can’t be a luxury in the modern world.
As the saying goes, knowledge is power. But when it comes to cyber security, technological evolution equals a constantly changing landscape.
With so much to learn, how does a small business get to the bottom of what really matters when it comes to security? It starts with getting the core concepts right.
Here are three cyber security terms that any Australian small business should understand.
Behavioural baselining
The key to behavioural baselining is to understand normal behaviour so you can detect deviations from the norm.
We often see undetected attackers hiding in organisations’ networks for months – even years. Just this past October, we learned that cyber attackers linked to the Chinese government breached Samsung Pay provider LoopPay for months without anyone noticing.
With the right people, technologies, and fast access to forensic data, businesses can quickly spot unusual activity patterns and breaches before they turn critical.
Active response
As organisations get better at threat detection, the number of alerts their systems create starts growing.
This causes “alert fatigue”: too many alerts, not enough time. Just imagine knowing about all the accidents in an area but not having a mechanism to prioritise. Due to the inability to respond, breaches persist longer.
Active response is the ability to respond to an attack when it’s detected; it can be fully automated or human-mediated. The goal of active response is to enable a business to make the best use of its people, process and technology through automation. This is crucial for small businesses with limited resources!
Security analytics
The purpose of security analytics is to provide actionable knowledge to the security team. It’s all about identifying trends and patterns across multiple data sources to mitigate systemic problems and uncover threats.
Attackers regularly target out-of-date or unpatched systems. To give an example, many industrial control systems (ICS) and infrastructure systems have been recently targeted due to ineffective and outdated defences. Security analytics in this case could be used to identify the number of vulnerable systems that are connected to the Internet, and then to establish how to protect these systems.
The Bottom Line
While most security threats touch larger organisations, Australian small businesses must consider where their vulnerabilities lie – a breach of customer data, for instance, has toppled many promising small businesses in the past.
Security risks are heightened when businesses lack the ability to speak the same language as security professionals. And because of its rapidly changing nature, cyber security is a moving target.
It’s unreasonable to expect everyone in your business to be an expert in security, but making the risks easier to understand can go a long way toward safeguarding your business.
About the author
Simon Eid is the ANZ Country Manager of operational intelligence platform Splunk.