Top Three Cyberthreats For NZ Organisations

Preventing Cyberthreats

There has been a significant increase in targeted cyberattacks on organisations since COVID-19, and these attacks are unlikely to subside any time soon. In fact, the rapid growth of smart devices used to access organisational tools and information, and the prevalence of employees working remotely, will only broaden the attack surface for cybercriminals in future.

Today, there are thousands of cyberthreats that pose a risk to businesses.  With a cyberattack occurring every 39 seconds on average it’s a matter of when, not if, your organisation will be targeted by cybercriminals. ^[1]  There are three key threats that pose the greatest risk to organisations today:

1. Email based threats and exploitation

Cybercriminals have been using email to exploit victims for a long time. However, gone are the days when you could easily identify a financial scam after receiving an email from a ‘prince’ in a foreign country. Cybercriminals have become more sophisticated as our technologies advance, and the ways in which they exploit victims has changed. Some of the most common attacks include:

• Phishing: phishing is possibly the most common form of cyberattack. Phishing emails appear to come from a reputable source, and typically include requests to click a link or open an attachment.
• Spear phishing: a more sophisticated form of phishing, spear phishing is more targeted and may appear to come from someone within the target’s own network, making it more likely that the recipient will fall for the scam.
• Ransomware: a form of malware that encrypts files, ransomware is commonly sent via phishing emails and downloads to the victim’s device once opened.

As these attacks are common, there are reasonably simple ways you can defend your organisation. First, it’s important to install tools that protect the organisation and prevent data loss, such as advanced email threat protection software. It’s also essential to invest in education for your employees to ensure they understand cyber risks and how to identify scams and threats. Consider conducting regular training sessions with all employees and sending regular mock phishing emails to workers to keep them vigilant against threats.

2. Hacking

Hackers will typically access your organisation’s network via ransomware or exploiting security vulnerabilities in your system. This opens your organisation to great financial and reputational risk, as well as potentially exposing your customers and partners to risks as well. Having multiple layers of defence is the most effective way to strengthen your organisation’s security posture and reduce the risk of failure in network security. Multiple layers of protection mean that, if one layer fails, another can sure up the organisation’s security. This involves investing in technologies like firewall and network protection to provide a privacy and security environment that both your employees and customers can trust.

3. Data leakage

The rise of remote-working practices in 2020 has greatly increased the risk that employees pose to organisational security. The prolific use of external smart devices that need encryption to connect to organisational networks have increased the attack surface that can be exploited by cybercriminals, as well as the number of potential points of entry that can be breached. To defend against data leakage through risky access points, it’s essential to invest in multifactor authentication to protect devices and applications. The IT team also needs a comprehensive, up-to-date list of all devices connected to the organisation’s network.

Identifying the right tools and technologies to protect your organisation from a breach and defend it against cyberattack can be complicated. There are four key capabilities to look for in a cybersecurity solution. For more information, download Cyclone’s free checklist today, or contact the Cyclone expert team to discuss the safest and most cost-effective cybersecurity approach for your organisation.

[1] https://eng.umd.edu/news/story/study-hackers-attack-every-39-seconds