Security Breach – 31 Oct 2019

Security Breach – 31 Oct 2019

Australian CEOs Fail to Appreciate CyberthreatAustralian CEOs Fail to Appreciate Cyberthreat

Today, data breaches are top-of-mind for companies and consumers alike; however, those concerns appear don’t appear to have made it all the way to Management.

According to a recent survey of Australian executives, those in leadership positions significantly overestimate their company’s cybersecurity capabilities, exposing a serious disconnect between decision makers and those charged with securing a company’s data.

For example, 63% of CISOs surveyed said that their company experienced a data breach in the past 12 months, but only 6% of CEOs shared this viewpoint. Similarly, 44% of CEOs thought that their company was prepared to respond to a cyberthreat, while only 26% of CISO’s were confident in this assertion.

This disparity doesn’t just relate to technological capabilities. 69% of CISOs view cybersecurity as an integral part of their business plan, and only 27% of CEOs saw it as a bottom-line issue.

Other surveys have shown that cybersecurity professionals are quickly becoming overwhelmed by their jobs, and many are considering leaving the field altogether. Without support from top-level executives, this problem will only get worse, which means that data security will become more problematic.

Recent Breaches

Australia – Get – Online ticketing platform

Exploit: Exposed database

Risk to Small Business: Severe: An error in the platform’s search option allowed all users to access the personal details for thousands of the platform’s customers. Although the company acted quickly to fix this oversight, the error was entirely preventable. This isn’t the company’s first data security incident. This could negatively impact the company’s competitive ability going forward, as consumers are increasingly unwilling to do business with a company that can’t secure their information.

Risk to Exploited Individuals: Severe:  The exposed data includes names, phone numbers, and email addresses, but financial data was not exposed because Get does not store this information. The compromised details can easily be used in spear phishing campaigns to trick unsuspecting users into providing even more intimate details. Therefore, those impacted by the breach should be especially critical of unusual communications or account activities.

Customers Impacted: 50,000

New Zealand – Competitive Pest Services – Pest control service

Exploit: Insider data theft

Risk to Small Business: Severe:  Before leaving the company, a former employee downloaded customer data and shared it with his new employer. The information was then used to solicit business from Competitive Pest Services’ customers. In response, the company has updated its data security software to restrict access to sensitive company data and notify IT admins when information is downloaded. Unfortunately, reactive responses cannot secure customer data, and it likely won’t help restore consumers’ confidence in their data management practices.

Risk to Exploited Individuals: Severe:  Personally identifiable information was limited to customer names, addresses, and phone numbers. However, this is more than enough information to perpetuate additional cyber-attacks that could compromise even more sensitive data. Therefore, those impacted by the breach should carefully monitor their identity information, and they may want to consider enrolling in identity monitoring software to provide long-term oversight of their information.

Customers Impacted:  Unknown

Being proactive in developing a cyber-security plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown

Follow us on LinkedIn:

Related Articles:
Businesses underestimate the threat of stolen employee data
Australian Consumers Demand Data Security

Log a Job: