The Human Firewall – your last line of defence

by
Sam Pitruzzello
January 21, 2019

Now that 2018 is behind us, it’s worthwhile reflecting on what you can do to improve the security of your information systems and protect sensitive data.

This issue of cyber-security threats is no longer considered on the fringe of business operations, particularly if you’re running an SME or not-for-profit organisation. The reason is simple – the impact of a cyber security event can bring your entire operations to a standstill. In Australia, cyber-attacks are costing business and government more than AU$1 billion a year and rising (Gordon, 2018).

Furthermore, consider these sobering statistics (Clout, 2018):

  • 59% of Australian businesses are interrupted by cyber-crime every month
  • 55% of Australian SMEs expose themselves to cyber-crime through email and social media
  • 48,000 cyber-attacks were reported in Australia in 2017 – 43% of which targeted SMEs
  • 60% of SMEs hit with a significant cyber security event will go out of business within six months

This is a serious concern for any business that doesn’t have a plan in place to cope with cyber security threats. More importantly, simply implementing technologies such as spam filters, anti-virus/malware software and firewalls isn’t enough. Consider the fact that some large companies and government organisations have experienced significant cyber-security events despite investing large sums of money not only on technology, but have also put in place dedicated cyber-security experts who keep watch around the clock. A good example is the 2017 attack on the Australian Defence Force’s multi-billion dollar Joint Strike Fighter program and surveillance plan projects where 30 gigabytes of data were stolen including information on its warship and submarine fleet (Clout, 2018).

Cyber-criminals are becoming more sophisticated and can defeat just about any system and technology put in place. They are increasingly building their arsenal of attack vectors and continually search for weak points to access sensitive information. The weakest link is people. Cyber criminals know this so they use sophisticated methods including social engineering and advanced persistent threats (APT) to get to the information they’re after. Fortunately, there is something you can do – educate your people. This is important for one main reason – according to Dark Reading’s Strategic Security Survey almost a third of cyber-security events are caused by insiders – your trusted employees. In addition, the report found that 44 percent of organisations say authorised users and employees pose the greatest threat to data security and 61 percent of organisations believe negligent users will be the primary cause of a data breach in the next 12 months (Vijayan, 2018).

Cyber-security education and awareness is designed to keep people on their toes with security top of mind – all day every day. In essence, people are the last line of defence and the more educated they are on the variety of threats out there and how to spot malicious attacks, the lower the risk to the organisation. There are many cyber-security education platforms in the market. The best provide simulated email phishing and other social engineering attacks to determine what level your employees are at in terms of cyber-security awareness. These platforms conduct a risk assessment of an organisation then tailor an education and awareness program. Engage Consulting Group has partnered with a global provider of cyber-security education and awareness programs.

References:

Clout, J 2018, ‘More needs to be done by SMEs on cyber security: Angus Taylor’, Australian Financial Review, accessed 18 December 2018, <https://www.afr.com/technology/technology-companies/more needs-to-be-done-by-smes-on-cyber-security--angus-taylor-20180809-h13qh3>

Gordon, A 2018, ‘GSISS 2018: Cyber security spotlight on small business’, PWC Digital Pulse, accessed 18 December 2019, <https://www.digitalpulse.pwc.com.au/gsiss-2018-cyber-security-small-medium-enterprise/>

Vijayan, J 2018, DarkReading, ‘Data Breaches: Vulnerability Rising’, DarkReading.

More news

Engage consulting group creates long-term trusting relationships with our clients

How does your business compare? Demystifying strategic planning

by
Sam Pitruzello & Sarina Sorrenti
read more

If you fail to plan, you plan to fail… the strategic planning dilemma

by
Sam Pitruzello & Sarina Sorrenti
read more

7 Practices of Working Less Achieving More

by
Sarina Sorrenti
read more
View ALL
engage consulting group partners with business leaders to provide strategic advice and practical tools to support individual and business growth.
learn more

What we do

Strategic advisory

Achieve sustainable growth with high calibre strategic advisors, mentors and executive coaches

learn more

Learning & development

Develop your people to create future leaders and the right culture

learn more

Venture partnership

Accelerate business growth and innovation through proven business practices

learn more

Testimonials

"Since Sam joined the board at CartonCloud in the capacity of company secretary, he has contributed significantly to the strategic direction of the company while placing us on a path to better governance. He has been instrumental in CartonCloud securing large government funding which will take CartonCloud to the next level in terms of our software functionality and capability. I have gained from Sam’s vast business experience and is the consummate professional in his dealings with me and the broader CartonCloud team."

Carton Cloud

"Incredibly inspiring, caring and passionate about her work, Sarina has worked closely with me and my team over the past two years (during a very demanding period) in developing clear strategies for individual and team development. The sessions required open & honest conversations and no matter how challenging the conversations were amongst the team, Sarina always made sure the discussions were inclusive and that everybody left the sessions with a smile. I would highly recommend Sarina and we are all looking forward to working with her into the future."

Deakin University

"Sarina has partnered with Deakin for many years. Sarina develops highly effective development solutions after closely ascertaining needs and diagnosing problems. The feedback we receive from participants attending Sarina's sessions is always glowing, with many requests for Sarina to come and work with teams or individuals. I highly recommend Sarina and Engage Consulting."

Deakin University

"Through my professional journey, Sarina has helped me reinvent myself and focus on my aspirations. Her vibrant positive energy is contagious. Over the years she has helped me cultivate self-awareness, embedded the notion of mindfulness, and saved me from countless hours of frustration by sharing best practices to avoid common pitfalls as I transitioned through development. Sarina is not only my professional coach she is also my life coach and a wonderful source of wisdom. I can’t thank her enough… I am grateful for her support and feel privileged to have her as a coach"

CSL Ltd

"For many years Sarina has been a wonderful guide and support for me in my career. She has helped me to navigate my way through some challenging situations and worked to further develop my strengths and improve me where I have needed it. As I reflect on the work we have done together, I'm pleased that some of my weakest areas have, over time, become strengths. Now, many years later, I am enjoying seeing people in my team flourish as they, too, work with her. I can't speak highly enough of Sarinas' capability and her working style. I'm certain she would add considerable value to any company or any individual fortunate enough to work with her."

Gale Pacific

Contact

Get in touch

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Our details

Address

engage Consulting Group Pty Ltd

Suite 5, 210 Lower Heidelberg Rd

Ivanhoe East, Victoria, Australia 3079


ABN

86 104 175 402