The outbreak of COVID-19 has changed the way we interact and work with one another – both now and in the foreseeable future.
While social distancing requirements and lockdowns nationwide have forced us to adapt, it’s been wonderful to see the collaboration and embracing of digital solutions within our industry, ensuring citizens can settle property in spite of the circumstances.
But as Australians continue to navigate this online phase, there’s a key area in which we must remain vigilant – our cybersecurity.
- A cyber-attack occurs every 39 seconds.1
- Cybersecurity incidents cost Australian businesses an estimated $29 billion every year.2
- In 2019, phishing was the primary method used by hackers to scam Australian businesses, with reported losses of more than $1.5 million, almost doubling those experienced in 2017 and 2018.3
Currently, individuals are spending less time in their offices and more time working remotely, with heavier reliance on ‘access anywhere’ cloud-based services.
These tools provide teams and companies with great flexibility, enabling the transmission of information and documents on any internet-enabled device.
But while businesses safeguard their data with rigorous security measures, the work-from-home boom means employees are more likely than ever to be accessing potentially sensitive information on devices that do not have the organisation’s protective measures in place.
What should organisations consider to protect their employees and information?
- Have a strategy for which cloud services your business needs and ensure you have paid for enterprise-level accounts (if possible) with your chosen services – ensuring you get the cloud provider’s full suite of protection.
- Make sure your staff know what your preferred services are and take steps to ensure they use only these to manage your business or clients’ information.
- Enable multi-factor authentication (MFA) for any solution you have that can be accessed anywhere on the internet.
- Operate your company devices with a full suite of security protection deployed, including anti-virus, up to date operating systems and browsers.
Staying alert is even more critical in the COVID-19 climate, which is proving an attractive proposition for would-be criminals.
As recently as 19 June, the Australian Government informed the public it was responding to a sophisticated, state-based cyberattack.
This targeted organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure.
In addition, the Australian Cyber Security Centre (ACSC) confirmed it has observed an increase in COVID-19-themed malicious cyber activity.
This is a period in which people are constantly seeking information – and this specific, heightened demand for COVID-19 updates is being preyed upon by criminals.
The benefits of being able to work remotely and stay connected digitally are significant – but this flexibility must not compromise security.
With our workforce poised to become more digitally dependent in the months and years ahead, the COVID-19 cybercrime spike should serve as a timely reminder of the need to ensure due diligence.
David Willett is the General Manager of IT Security at PEXA.
1 Varonis: 107 Must-Know Data Breach Statistics for 2020
2 Australian Cyber Security Centre (ACSC): ACSC Small Business Survey Report: How Australian Small Businesses Understand Cyber Security
3 Australian Competition and Consumer Commission (ACCC): Scamwatch 2019.