2017 may well be the year that people remember as the year we lost our software innocence. This past weekend, we saw an NSA/CIA-related leak leading to massive data loss and the disruption of hospital services and other institutions worldwide, via the ransomware ‘WannaCry’. There have also been recent, highly-publicised allegations that hacking operations have affected email servers, databases, banks—and even elections.
As IT users, we all have the responsibility to protect the data we collect, store and use—it is no longer enough to ignore information security in an attempt to reduce costs, or because we are not aware of the threats posed by a lack of security. However, what we find is that as the complexity of software has exploded, particularly in association with the move to mobile and cloud applications, few single technical experts or even groups of experts know of and can understand all the functions and vulnerabilities associated with their software. This creates a situation brimming with opportunities for ill-intentioned actors to gain access to sensitive information, such as client or patient personal details, confidential business data, or the programs underlying critical business applications. This trend is not slowing, and means that individuals and organisations need to take immediate steps to secure their data.
Fortunately, there are changes on the horizon, and things you can do to secure your data today. Firstly, the reality of the threat means the Australian government is investing heavily in improving our national monitoring and intelligence defences, and businesses are starting to follow suit. Secondly, the government has (finally!) passed legislation that requires mandatory reporting of data breaches in Australian companies and institutions. This means that from February 2018, issues must be reported, and can no longer be kept out of the public eye—this is good for the safety of Australian businesses and customers, and something for which organisations must prepare as soon as possible. Preparation entails active penetration testing, code and configuration reviews, and security event monitoring—simply deploying a firewall is not sufficient to protect an organisation.
Finally, trusted companies like JDS Australia have the tools, skills, and capabilities to help secure your environment. We can analyse your software to find weaknesses, work with your development and project teams to bake healthy security practices into your software from the start, and provide the tools and services that will enable you to easily monitor the security posture of your entire organisation, thwarting the ‘bad guys’ wherever they are. Vitally, we strive to communicate potential problems in an easily understood manner, allowing our customers to make informed business decisions.
For a confidential discussion about how we can help, call JDS Australia on 1300 780 432.