The Armoury – May 2024

Welcome to The Armoury.

Cyber threats are getting sophisticated, and the number and style of threats are on the rise. We understand that your schedule is packed, but staying informed about cybersecurity is a top priority. With The Armoury, we've curated the most relevant and important content from trusted sources. Our team handpicks articles, news items, and tips that you need to know, saving you time and effort while ensuring you have the knowledge to protect yourself and your organisation.

?

If you ever decide that The Armoury no longer aligns with your needs, you can easily unsubscribe at any time.

Stay safe.

?Latest Cybersecurity News

• ?Cyber Breach Hits Western Sydney University. Western Sydney University faces a cybersecurity crisis as a breach impacts 7,500 individuals. University authorities are investigating the incident and have alerted those affected, advising them towatch for signs of identity theft or fraud. An investigation revealed that unauthorised access began on May 17, 2023, via the university's Microsoft Office 365. The breach involved accessing SharePoint files and emails, with the Solar Car Laboratory potentially involved in the incident. Source: News.com.au
• ?Optus Faces Legal Action Over Cyber Attack. Optus intends to defend against claims of customer data mishandling following a 2022 cyber attack. The Australian Communications and Media Authority alleges Optus breached telecommunications laws during the breach. A Federal Court directions hearing is pending. The attack, affecting over 9 million customers, led to passport and driver's license leaks. Prime Minister Anthony Albanese urged stricter cyber security laws. Optus CEO resigned, and fallout remains uncertain. The breach triggered criminal investigations and scrutiny from federal authorities. Source: ABC News
• Qantas Investigates Potential Data Breach in Frequent Flyer App. Qantas Airways is probing a potential data breach in its frequent flyer app after reports suggested users accessed other passengers' travel details. Media outlets cited instances of users viewing strangers' travel information and even cancelling their tickets. Qantas stated it's urgently addressing the issue and investigating if recent system changes caused it. However, no further details were provided. The airline is yet to confirm the reported breach publicly. Source: Reuters

Cybersecurity Tips & Best Practices

• Practice Digital Asset Management: Maintain an inventory of all digital assets, including software, hardware, and data, to effectively monitor and protect your organisation's resources.
• Conduct Security Awareness Training: Educate employees about cybersecurity best practices, including how to identify phishing emails, recognise social engineering tactics, and securely handle sensitive information.
• Establish Incident Response Team: Formulate a dedicated incident response team tasked with promptly investigating and mitigating cybersecurity incidents, ensuring a coordinated and effective response to security breaches.

?

Cybersecurity awareness & education

Did you know?

Cybersecurity is not just an IT issue—it's everyone's responsibility. From the CEO to the newest employee, everyone plays a role in maintaining a secure work environment. By fostering a culture of cybersecurity awareness and empowerment, organisations can better defend against cyber threats. Encouraging employees to stay vigilant, report suspicious activities, and participate in ongoing cybersecurity training can significantly enhance the overall security posture of the organisation.

?

Cybersecurity FAQ

What role does employee training play in cybersecurity?

• Awareness: Employee training raises awareness about cybersecurity threats, helping employees recognize potential risks and vulnerabilities in their day-to-day activities.
• Knowledge: Training equips employees with essential knowledge about common cyber threats, attack vectors, and best practices for preventing security incidents.
• Risk Reduction: Well-trained employees are better equipped to identify and mitigate cybersecurity risks, reducing the likelihood of security breaches and data loss within the organisation.
• Compliance: Training ensures employees understand their roles and responsibilities regarding cybersecurity compliance requirements, regulatory standards, and industry-specific guidelines.
• Incident Response: Trained employees play a crucial role in incident response efforts by promptly reporting security incidents, following established procedures, and cooperating with IT and security teams to contain and mitigate threats.
• Culture of Security: Employee training fosters a culture of security within the organisation, where cybersecurity becomes a shared responsibility and a priority for all staff members, from executives to frontline employees.
• Adaptation to Emerging Threats: Continuous training programs help employees stay updated on evolving cybersecurity threats and emerging attack techniques, enabling them to adapt their security practices accordingly to stay ahead of cybercriminals.

Cybersecurity Events

Name of Event:

ADAPT: Digital Edge 2024

Location: Melbourne, Australia

Date: 6 June 2024

Register Here

Name of Event: Cyber Security Summit and Awards

Location: NCCC, Canberra.

Date: Thursday, 20 June 2024

Register Here

Cybersecurity Trivia of the Month

In 2017, one of the largest data breaches in history was disclosed, involving the compromise of personal information from over 147 million individuals. This breach targeted Equifax, a major consumer credit reporting agency, exposing sensitive data such as social security numbers and birth dates.

?

Recent Ransomware Breach?

MediSecure Ransomware Breach

MediSecure, a key e-script provider, faces a major ransomware data breach, confirmed by ABC. The incident exposes personal and health data, prompting the company to take down its website. Investigations are ongoing, with the company pledging cooperation while focusing on mitigating the breach's impact. Suspected to originate from a third-party vendor, the breach heightens concerns over cybersecurity in healthcare. MediSecure'sinvolvement in national health data exchange amplifies the urgency for robust cyber defenses. Source: ABC News

??

Cybersecurity Joke of the Month

?

Sign up for The Armoury

Sign up for our The Armoury to get the latest updates on Cybersecurity first-hand via email.?

#itbusiness #technology #cybersecurity #cybersecuritytips #cybersecurityupdates #innovation

?