Category: Uncategorised

Investigation Into Medibank Launched, Could Face Millions in Fines

Investigation into Medibank launched, could face millions in fines

An investigation has been opened into the Medibank data breach which could result in heavy fines.

The health insurer’s personal information handling practices will be investigated by The Office of the Australian Information Commissioner (OAIC).

In a statement the OAIC said the investigation will focus on “whether Medibank took reasonable steps to protect the personal information they held from misuse, interference, loss, unauthorised access, modification or disclosure,”

“The investigation will also consider whether Medibank took reasonable steps to implement practices, procedures and systems to ensure compliance with the Australian Privacy Principles (APPs).”

If the findings of the investigation reveal that this is a serious or repeated breach, Medibank could face penalties of $2.2 million for each violation.

In response to several data breaches, The Australian Government recently passed a bill to increase penalties for such offenses from $2.2 million to $50 million.

Although Medibank will not be affected by the new laws, organisations should evaluate the current methods they use to protect the data they collect.

Do you know your Cyber Security capabilities, and your level of risk? Do you have a clear plan on how to improve your capabilities? Would you know what do to do if you had a cyber security incident? 

If you are concerned about these new penalties, and don’t understand what your level of risk is request a free assessment to start your journey on protecting your company, employees and customers below. 

Contact



    What is the Essential 8 and Why Should You be Interested?

    What is the Essential 8?

    The Essential Eight is a baseline set of mitigation strategies that have been developed by the Australian Cyber Security Centre (ACSC). These mitigation strategies have been developed by the ACSC to help organisations protect themselves against various cyber threats regardless of their industry.

    1. Application Control

    2. Application Patching

    3. Configure Microsoft Office Macro Settings

    4. User Application Hardening

    5. Restrict Administrative Privileges

    6. Patch Operating Systems

    7. Multi-factor authentication

    8. Daily Backups

    While implementation of the Essential Eight does not guarantee against cyber attacks, it significantly reduces your organisation’s attack surface, the risk of being compromised, and your ability to successfully recover/continue business if you are attacked.

    Why the Essential 8?

    As COVID-19 has changed the landscape of organisations, increasing the number of remote workers, cyber attacks have also evolved to target businesses through differing mechanisms. In an effort to protect your organisation, the Essential 8 allows you to implement a cyber threat management strategy and maturity journey. Implementing the Essential 8 is a journey. It allows for quick improvements of your overall cyber security, while giving a clear roadmap to long term improvements.

    How will Acurus help you achieve compliance?

    Leveraging our extensive cyber security experience, Acurus will significantly improve your organisation’s cyber threat management capabilities. Partnering with leading technology vendors like Microsoft, Fortinet and Tanium, Acurus can perform a comprehensive cyber security gap assessment, and create a plan unique to your business to address each area of the Essential 8.

    Utilising features from our partners Acurus can quickly and efficiently:

    • Align your endpoints to a common security standard, facilitating User Application hardening and restricting administration privileges
    • Enable Application Control and Patching, including managing office macro settings
    • Remove unwanted 3rd party applications
    • Perform vulnerability scanning
    • Detect unmanaged endpoints
    • Efficiently patch operating systems

    Acurus will help you to create a unified solution, which meets all needs of the Essential 8, while also simplifying endpoint management, allowing them to be viewed and managed from a single dashboard, maximising your resources and driving down your 3rd party software exposures.

    If you’d like help with developing or implementing your essential 8 strategy contact us on 1300 119 561 or let us contact you by expressing your interest below.

    Contact

     



      30% Rise In Ransomware Attacks Over Holiday Season

      Report reveals 30% rise in ransomware attacks during the holidays – Cyber Security Connect

      Darktrace has reported that its security researchers discovered a 30% increase in the average number of attempted ransomware attacks globally over the holiday season in every consecutive year from 2018 to 2020 compared, with the monthly average.

      According to Justin Fier, director of cyber intelligence and analytics at Darktrace, the largest rise in attempted ransomware attacks is between Christmas and New Year’s when attackers know there will be fewer eyeballs on screens defending against threats.

      “Based on what we’ve seen in previous years, holidays are consistent target periods for cyber attackers.” He said.

      “Business leaders should know that there is available technology that can identify and respond to the initial warning signs of ransomware before attackers can hold critical systems hostage, even when human security teams are out of office.”

      For over ten years, Acurus has helped businesses defend their online assets through 24/7 monitoring and safeguarding of their digital security.

      Don’t be victim to ransomware this Christmas. Contact us today for a free assessment on your organisations cyber security. Work from Anywhere Securely – Acurus

      SA Government Hit By Cyber Attack

      SA government hit by cyber attack – Cyber Security Connect

      South Australian Premier Steven Marshall is among 38,000-80,000 employees with personal information exposed as a result of a ransomware attack on external  payroll software  provider Frontier Software.

      According to the SA government, the personal information includes names, dates of birth, tax file numbers,  home addresses, bank account details, remuneration and superannuation contributions.

      The breach is currently under investigation, with the government offering support to affected employees.

      As organisations become more reliant on SaaS products, it’s crucial when making purchasing decisions to consider  potential SaaS providers’ security posture and practices, as it can and will have direct impacts on their customers  when they suffer outages due to cyber incidents.

      Attackers are increasingly using an organisation’s supply chain partners to gain access to confidential and sensitive  information, particularly if they identify a weak link. As such, it’s imperative organisations are working closely with  their supply chains to understand the security of businesses they collaborate with and work together to address  vulnerabilities.

      For over ten years, Acurus has been trusted by Australia’s largest household brands, including Energy Australia, Officeworks, Bakers Delight, Red Energy, and Reece Plumbing.

      If you need cyber security assistance, post incident or need to bolster your cyber security position to avoid detrimental attacks contact us today for free cyber security gap assessment. Work from Anywhere Securely – Acurus

      Zoho: Patch new ManageEngine bug exploited in attacks

      Zoho: Patch new ManageEngine bug exploited in attacks ASAP (bleepingcomputer.com)

      Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installation to the latest available version.

      Zoho’s ManageEngine Desktop Central is a management platform that helps admins deploy patches and software automatically over the network and troubleshoot them remotely.

      The warning comes after the company patched a critical vulnerability which could allow attackers to bypass authentication and execute arbitrary code on unpatched ManageEngine Desktop Central servers.

      A quick search using Shodan has revealed over 3,200 ManageEngine Desktop Central instances running on various ports and exposed to attacks.

      For over ten years, Acurus has been trusted by Australia’s largest household brands, including Energy Australia, Officeworks, Bakers Delight, Red Energy, and Reece Plumbing.

      If you need cyber security assistance, post incident or need to bolster your cyber security position to avoid detrimental attacks contact us today for free cyber security gap assessment. Work from Anywhere Securely – Acurus

      Building Deeper Relationships in the New Digital Retail Sector

      Like many industries, the retail sector is going through a digital revolution. A digital shift that has been accelerated by the global pandemic. More people than ever before are shopping online and enjoying these seamless, contactless experiences. Australia’s growing adoption of events like Black Friday are accelerating the journey.

      So how do retailers respond to this great challenge? How do they adapt their businesses and workforces and do it in a way that is efficient, flexible and profitable? In a world full of choice, retaining customers and keeping them engaged in brands is more difficult than ever.

      What does the model of a modern retailer look like?

      Without a doubt the future is digital. But it is also omnichannel and finding new ways to connect and retain customers.

      Modern retail is no longer just about the store front, its digital led. Consumers now have more choice than ever before, bringing issues of increased customer fickleness and churn.

      Retailers are competing to retain and build customer relationships in this new world.

      In this race to win, brands must diversify their offering.

      Adding additional services, that are front of mind and emotional such as telecommunication services, is the way of the future.

      It is the new way to deepen customer relationships and increase engagement over time.

      Qantas has been a leader at this for many years now.

      The iconic brands ever expanding frequent flyer partnership model, now including Optus Mobile, Officeworks – see the company adding nbn and mobile services to their product line.

      Energy retailers are also embracing this trend, adding telecommunications and insurance products to their line up, for example EnergyAustralia’s Experience On Program. And CBA has invested in telecommunications partners Moore Telecom and Tangerine – all part of the breakdown of traditional industry silos.

      At Acurus, we are at the forefront of helping make Australian businesses better and more successful.

      And we are excited about helping more companies move into this space in a meaningful way.