October is Cybersecurity Awareness Month, and thereโs no better time for businesses to review and strengthen their online defences. In just the second half of 2022, there was a significant 26 per cent rise in notifiable data breaches, with 497 reported incidents, according to the Office of the Australian Information Commissioner (OAIC).1ย Unfortunately, this number is expected to climb even higher in 2023, especially with the increase in targeted threats to Internet of Things (IoT) devices.
Ilan Rubin, chief executive officer, Wavelink, said, โThe message is clear: companies must adapt, empower, and educate. As the cyber landscape evolves, so must an organisationโs defences. Modern cyber threats have expanded beyond technical and system vulnerabilities. Todayโs cyberattackers capitalise on human mistakes as their primary breach points, which means businesses should focus on building a resilient cybersecurity ecosystem through continuous staff awareness.โ
This Cybersecurity Awareness Month, companies should consider taking four steps to protect their digital assets:
1. Use secure passwordsย
While it might seem basic, the use of strong, complex passwords remains a foundational principle of cybersecurity. The days of using โpasswordโ and โ12345โ as sufficient passwords are gone. Relying on simple passwords in 2023 is like using a twig as a barricade. An approach like this only benefits cybercriminals. To enhance security, organisations should remind their employees to avoid using readily available information, such as birthdays or pet names, when creating passwords. Additionally, they should not use the same password for multiple accounts; if one is compromised, all could be at risk.
2. Embrace multi-factor authentication (MFA)
Given the increasing number of stolen passwords on the dark web, itโs clear that a strong password alone isnโt always foolproof. MFA offers an additional security layer, asking users to provide two or more verification methods. This could be a code from a mobile or email, a physical hardware key, or even biometric data like fingerprints. With MFA, even if a password falls into the wrong hands, cybercriminals still face significant hurdles before accessing that information.
3. Stay alert to phishing attacksย
Cybercriminals are continually refining their phishing strategies, targeting the most vulnerable point in any company: its people. Spear phishing, particularly, has seen a rise, where tailored emails deceive users into thinking theyโre genuine. The best defence against phishing is awareness. Organisations should equip their employees with the knowledge to spot these fraudulent attempts, be it a slight change in a senderโs address, misplaced logos, or unusual requests. Itโs also important for business leaders to instruct their employees that if they ever receive an email that claims to be from an institution they trust, always verify its authenticity by contacting the institution directly through trusted communication channels. Never impulsively click on links or download attachments.
4. Regularly update softwareย
An often overlooked but crucial step is consistently updating software. Contrary to popular belief, software updates donโt just introduce new, exciting features; they also strengthen an organisationโs digital defences. Vulnerabilities are regularly discovered, and updates serve as patches to mend these weak points. From smartphones to desktop applications, fostering a culture of regular updates shields companies from potential cyber threats that exploit known software vulnerabilities.
Ilan Rubin said, โCybercrime is on the rise, impacting large and small businesses alike. The technology used daily keeps changing, and so do the threats. With cyberattackers getting smarter and using more advanced tools, itโs up to everyone in an organisation, no matter their role, to stay informed and act safely online. This month reminds all employees about the importance of staying on their toes, learning about online dangers, and doing their part to keep their company safe.โ
