As Secure As Practical (ASAP) – As Soon As Possible.
In the past few months of 2022, in Australia alone, there have been a number of significant cyber breaches across many of our major brand names, and this terrible trend is poised to get worse until our organisations uplift their security posture to a Minimally Viable Protection level.
The Australian brands being targeted at present are simply the start of an avalanche that is on its way to hitting really hard in the next 12 months. We must stay ahead of the criminals targeting organisations today: they have all the time in the world to attack, whereas businesses do not have the same luxury.
Breaches include organisations such as:
- Optus (insecure infrastructure)
- Medibank including AHM (unknown)
- Telstra (3rd party supplier, compromised email addresses)
- MyDeal / Woolworths (3rd party supplier breach)
- Harcourts Melbourne (user account compromise)
Side Note: The media's “responsibility” here is simply to report a catastrophic failure, as it sells advertising. The reality of some of these “breaches” is that little is known about what data has actually been ‘stolen’. For example, the Harcourts ‘breach’, being a compromised third-party user account, may be a number of viewed records, or it may be an export of the entire database.
These names just scratch the surface of the businesses in Australia and globally that are being targeted today in 2022; this is not a comprehensive list by any means.
ASAP, as soon as possible!
It is now time to remove the blindfold, work out how to improve our collective security posture, and finally become secure enough to minimise the extent of a cyber attack. Fortunately, getting to a Minimally Viable Protection level is not complicated, nor necessarily expensive to achieve, except in planning, design and implementation.
First step
If your business has few or no cyber security controls in place, start by reading the Australian Victorian Government Office 365 Security Guide. It gives organisations a starting point for adopting the Australian Signals Directorate Essential Eight (ASD8) controls, which by themselves reduce the risk of cyber attack by 85%. Statistics are often misleading, but in this case the figure is corroborated by the ACSC.
Second step
Adopt these capabilities. They are included in your Microsoft licensing if you have M365 Business Premium, M365 E3 and above, some F licenses and other individual SKUs:
- Multifactor Authentication (MFA) for all users. Caveat: for “Break Glass” admin users, please follow the specific guidance for those emergency accounts.
- Deploy email security – the number one (and two) attack vector is our staff, through emails.
- Use an endpoint management solution for patching of operating systems and for vulnerability management.
- Implement attack surface reduction rules, tamper protection and antivirus rules on all endpoints.
- Continue through the ASD8 controls and the broader ACSC 37 mitigations (I created this XLS to assist with a scorecard) to Maturity Level 3 if practical, or to where your organisation is now secure.
ASAP Summary
The Australian government through the Australian Cyber Security Centre has created an excellent resource for all businesses in Australia (and overseas) to enhance their cyber security resilience.
The cost to implement better security hygiene is mostly in time and effort rather than licensing if your organisation has Microsoft M365 licenses.
Complete the items above to start on your cyber resilience journey. If you need assistance with these mitigations, then reach out to your trusted partner, or I can help here, but do not wait for your business to become a victim. It is easy to not be a victim by doing some very basic things.
Your organisation may need to proceed further than the above steps, and Microsoft solutions may not ultimately get you to where you need to be, but being ASAP (As Secure As Practical) starts with using the people, processes and tools you have available today before looking to the broader market for add-on capability.
Be As Secure As Practical (ASAP) – As Soon As Possible …. please