Don’t be scared, be prepared: Simple steps to combat cybercrime

While COVID-19 continues to paint an uncertain picture of the future, one thing we can be sure of is the rise of cybercrime in Australia and New Zealand. 

During the 2020–21 financial year, the Australian Cyber Security Centre (ACSC) received over 67,500 reports of cybercrime, an increase of almost 13 per cent from the previous financial year. 

And it’s a similar story across the ditch, where New Zealand’s Computer Emergency Response Team witnessed a whopping 53 per cent increase in the number of cybersecurity incidents in the third quarter of 2021, compared to the previous quarter. 

Our growing dependence on the internet to work remotely, access information and services, and communicate with the people in our lives, means our ‘attack surface’ has grown too. In other words, the new era of digital everything has created an environment ripe with opportunities for malicious cyber actors to exploit vulnerable targets. 

With many organisations planning to continue along the hybrid working path beyond this pandemic, it’s evident that cybercrime is not going anywhere. It’s never been more important for business leaders and IT decision makers to learn how they can better respond to security threats while making their organisation a less attractive target for attackers in the first place. 

Stay calm, do no harm, raise the alarm 

In the event of a suspected cybersecurity incident, don’t panic. Emotions usually run high in these situations, which is why organisations need to avoid making any rash decisions. 

The best way forward is to stay calm and, if you are a Microsoft Support customer, notify our experienced cybersecurity response teams as early as possible in your incident management process. It’s also vital to keep all communications to a minimum. This helps prevent alerting attackers and can also minimise the risk of unnecessary reputational damage for your organisation. 

When reacting to a cybersecurity threat, you also need to be mindful of any actions that could result in the loss of data – including data that provides evidence of the attack – as well as any actions that might compromise critical business operations. 

The cybersecurity experts in the Microsoft Support organisation will ‘triage’ any customer incident to determine the scale and impact, as a first step in the process. If required, the Detection and Response Team is engaged to assess the situation to understand its scope, and will ask questions such as ‘What initially made you aware of the attack?’, ‘What date/time did you first learn of the incident?’ and ‘What logs are available and is there any indication that the actor is currently accessing systems?’ So the more information you have on hand, the better. 

Turning to your organisation’s legal department is another best practice for dealing with a cybersecurity crisis. Your legal team can decide whether to notify the police or local cybersecurity centre, and can advise on what, if any, information about the incident you should share with customers and the public. 

As the cybercrime supply chain continues to consolidate and mature, and attacks become more sophisticated, your response to an incident needs to be fast, comprehensive and unified. Access to round-the-clock support from an experienced team is a must. 

At Microsoft, we’ve designed our Unified Support offering to give our customers 24/7 reactive support coverage – including escalation management – across all Microsoft technology platforms in their organisation. To help manage critical incidents, we give our customers priority access to product group engineers who have deep expertise in threat protection across devices, identities, apps, data, networks, infrastructure and clouds. 

Be proactive, not just reactive 

While it’s crucial to know how to promptly and effectively respond to a cybersecurity incident in the heat of the moment, it’s just as important to be proactive and mitigate the risk of being attacked before it happens. 

Adopting a Zero Trust security approach is paramount in today’s cloud-based enterprise environments and always-on workforces, and it’s something we’ve implemented at Microsoft to protect our company and our customers. Built on the principle of ‘never trust, always verify’, Zero Trust architecture is designed to improve an organisation’s security posture by minimising the risk of a cyberattack across its entire digital estate. 

Practising good cyber hygiene is another proactive measure organisations can take to help keep cyber attackers at bay. In fact, taking basic security precautions such as using anti-malware, applying ‘least privilege access’, enabling multifactor authentication, keeping devices up to date and safeguarding data still protects against 98 per cent of attacks, according to Microsoft’s most recent Digital Defense Report. 

It’s also important for business leaders, IT decision makers and security leaders to take a holistic view of improving their organisation’s security posture by ensuring that cyber risk is managed for every aspect of the business. For those in Australia, the ACSC’s Essential Eight security guidelines are worth implementing as a baseline. 

Finally, it’s vital that everyone in your organisation is on the same page. At Microsoft, we help customers achieve this by working with them to develop cybersecurity incident response plans, as well as upskilling their teams with training on best practices and crisis response exercises. 

Microsoft Unified Support offers more than 40 complimentary on-demand assessments – including Active Directory and Well Architected Security assessments – to help improve your organisation’s security posture. Our deeply skilled cybersecurity engineers are also available to help identify and remediate any gaps in an organisation’s security posture. A ‘war for talent’ is playing out in the Australian cybersecurity sector, with 7,000 new cybersecurity professionals required over the next two years to meet the current skills shortage, so having access to these skills can make all the difference. 

By taking a proactive approach to designing and adhering to your organisation’s cybersecurity framework, you will be in a much better position to withstand – and even pre-emptively outsmart – cyberthreats in the long run. With the average cost of a data breach in Australia estimated at $3.35 million, the cost of doing nothing is far too high.