For the past year, Australia has been the target of increasing cyber attacks, affecting everything from government institutions to businesses of all sizes. What should boards across organisations and enterprises in Australia do to improve their cyber security?
The Rise of Cyber Attacks in Australia
In early March, Australian businesses and organisations were exposed to numerous cyber attacks linked to state-sponsored hackers who exploited security vulnerabilities in Microsoft Exchange, the widely used email server software.
Microsoft published information about the exploited Exchange vulnerabilities in the first week of March. The Australian Cyber Security Centre reported detecting unusual activity in the following days, with an estimated 7,000 Microsoft Exchange servers in Australia left potentially vulnerable. Microsoft has since released emergency patches, but applying them is left to the businesses and organisations themselves, who may not appreciate how time-sensitive the vulnerability is, or may not have the capability to patch.
With the emergence of these attacks, the Australian government has been refining Australia's Cyber Security Strategy to better protect the public and private sectors. However, cyber security is an increasingly time-sensitive issue, and organisations must proactively implement their own security measures rather than wait. Below, we list ways you can start protecting your organisation from potential vulnerabilities, including ways to secure high-level meetings, especially when they are held remotely.
How Can Companies and Institutions Protect Their Digital Assets
Sensitive detection systems are key to identifying breaches quickly and introducing mitigating actions effectively.
An effective detection system can alert the IT department to malicious activity inside the internal network. Timely mitigating actions can significantly reduce the losses caused by an attack. Detection systems also help organisations prepare a statement and warn stakeholders of a breach, letting all affected parties respond, for example by changing their login credentials.
Multi-factor authentication should protect every digital asset that is reachable from the internet, including the cloud-based systems used by businesses and organisations.
Examples of remote-access services that should have multi-factor authentication enabled:
- Email client
- Virtual private network (VPN) connections
- Online collaboration software
Multi-Level Data Encryption
Documents stored locally as well as in the cloud should be encrypted with a reliable encryption method; for example, one of the recommended technologies is AES with 256-bit keys (AES-256), the standard adopted by governments.
Encryption matters for data in transit as well as data at rest. Reliable transport encryption protects the integrity and confidentiality of VPN connections and file exchanges: files are unreadable to any party that intercepts them and become readable only after decryption by the authorised recipient.
Regular Software Updates
Internet-facing digital assets should be patched and updated to the latest version. When downloading updates, also verify that the source is credible.
Regular software updates, especially to email and web clients, deliver patches for security vulnerabilities in a timely fashion. In fact, unpatched and outdated software accounts for one in three breaches.
Cloud Environment Provider
An increasing number of enterprise workloads are moving to the cloud. It is up to government organisations and companies to ensure that they partner with reliable cloud service providers.
Review your third-party service providers and check their security policies and their procedures for responding to an attack.
It is estimated that as much as 60% of cyber attacks can be attributed to the exploitation of security vulnerabilities at third-party vendors.
Include cyber security in your risk management practices. Cyber security should become a permanent item on the board meeting agenda. Risk management is an ongoing activity and should be addressed frequently to reflect the changing attack surface that expands with every new digital asset added.
How Can Companies and Institutions Secure Their High-Level Remote Meetings
High-level meetings involve sensitive information. So, when shifting face-to-face meetings to remote meetings, you must ensure that the remote meeting software is equipped with specific features that reduce the likelihood of a data breach.
- User logs and activities. Logs help analyse any possible malicious attempt within the remote board meeting software.
- Session timeouts. Automatic sign-out prevents unauthorised parties from using the platform through a session that was accidentally left open.
- Role-based access control. Access control lets administrators set up different access levels for the various features of the board meeting software, so that important documentation is available to authorised users only.
Aside from relying on the security measures built into the remote board meeting software, you should also conduct all remote high-level meetings with best practices in mind.
- Require passwords. Secure access to every meeting with a password. Consider one-time passwords (OTP) and tokens.
- Check the meeting links. Upon receiving a meeting link, check the URL thoroughly. Any typos might be deliberate, redirecting the connection to an untrusted location. Also confirm that the sender is trusted.
- Verify attendees. Check the participant list before sending out meeting invitations. Consider setting up waiting rooms, so that no one unauthorised can join the meeting unnoticed.
- Report suspicious activity. Whenever you see suspicious activity, report the incident to the IT team immediately.
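The "check the meeting links" advice above can be turned into a routine check that an IT team runs on links before they are circulated. The following Python is an added illustration, not Convene's code or part of the original post; the approved hostnames are constructed placeholders, and a real deployment would use the organisation's own meeting platform's hosts. It rejects links that are not HTTPS, links that smuggle a different host behind a user@ prefix, hosts with non-ASCII lookalike characters, and hosts that are not on the approved list, and it additionally points out when an unapproved host is only a typo away from an approved one.

```python
from typing import List
from urllib.parse import urlparse

# Constructed allowlist of hostnames used by the organisation's approved
# meeting platform (hypothetical names, not any vendor's real hosts).
APPROVED_HOSTS = {"meet.example-board.com", "example-board.com"}

# Hosts within this edit distance of an approved host are reported as lookalikes.
LOOKALIKE_DISTANCE = 2


def _edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings (standard dynamic programme)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cost = 0 if ca == cb else 1
            cur.append(min(prev[j] + 1,        # deletion
                           cur[j - 1] + 1,     # insertion
                           prev[j - 1] + cost))  # substitution
        prev = cur
    return prev[-1]


def check_meeting_link(url: str) -> List[str]:
    """Return the problems found with a meeting link; an empty list means it passes."""
    problems: List[str] = []
    parsed = urlparse(url.strip())

    if parsed.scheme != "https":
        problems.append(f"scheme is {parsed.scheme!r}, expected 'https'")

    host = (parsed.hostname or "").lower()
    if not host:
        problems.append("no hostname in link")
        return problems

    # "https://trusted.host@evil.host/" parses with trusted.host as the
    # username and evil.host as the real destination.
    if parsed.username or parsed.password:
        problems.append("credentials embedded before the host; real host is "
                        f"{host!r}")

    # Non-ASCII characters (e.g. Cyrillic letters) can mimic Latin ones.
    if not host.isascii():
        problems.append("hostname contains non-ASCII characters (possible lookalike)")

    if host not in APPROVED_HOSTS:
        problems.append(f"host {host!r} is not on the approved list")
        for approved in sorted(APPROVED_HOSTS):
            if 0 < _edit_distance(host, approved) <= LOOKALIKE_DISTANCE:
                problems.append(f"host {host!r} looks like approved host {approved!r}")
    return problems


if __name__ == "__main__":
    # Constructed sample links, including one typo-squatted host.
    for link in ("https://meet.example-board.com/m/123",
                 "http://meet.example-board.com/m/123",
                 "https://meet.exarnple-board.com/m/123",
                 "https://meet.example-board.com@evil.example/m/123"):
        print(link, "->", check_meeting_link(link) or "OK")
```

The check is deliberately conservative: anything not on the allowlist is reported, and the edit-distance hint only explains why an unapproved host is suspicious. The list of approved hosts is the single value an organisation needs to maintain for this to stay useful.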
Decrease Your Cyber Security Risk
Not following security advice and best practices can lead to reputational damage, litigation, and significant fines. Given that governments and government-related organisations store highly sensitive data about thousands of people and entities, a proactive approach to cyber security should become ingrained in the everyday operations of the board and top management.
For more, read our white paper: Combatting Cyber Security Risks in the Boardroom
How Can a Board Portal be Impacted by a Cyber Attack on An Exchange Server?
Most board portals, including Convene, use email as a means of notification. This means that even if the portal itself remains secure, the hackers could still have access to the information in the emails sent from the board portal to the directors via the Exchange server. When assessing the impact on the board of this cyber attack, or of future ones, it is important to consider what information the emails can contain:
1) Can the directors or any of the meeting attendees email documents from the board portal or the app?
2) Do the board portal emails contain potentially sensitive information about the agenda or decisions made in meetings?
3) Do the board portal emails contain any password reset information that could be used to gain access to the account?
Email notifications from Convene contain only the invitation to the meeting and cannot include any documents. Directors cannot send emails from their apps; if they want to share information, they do so via a secure review room. Password reset is protected by two-factor authentication.
As a result, we were able to tell all of our customers with confidence that these cyber attacks would not compromise the information held in their Convene board portal.
Considering all of the possible vulnerabilities and understanding how the design of the board portal can mitigate them is the most effective way to prevent cyber attacks. We designed Convene to be secure and would be very happy to discuss this with you; please click on the link to start the conversation.