Cyber-attacks on businesses in Australia are escalating, according to an April 2019 report by IT security firm Carbon Black. About 90 per cent of businesses surveyed have suffered beaches, the survey shows, and nearly the same number of Australian businesses say that threats to their networks are increasing both in number and in sophistication. Human error in document sharing accounts for a large percentage of these breaches.
Attacks on mobile phones in Australia have increased alarmingly, and logging into free wi-fi makes it easy for phone hackers to get inside your mobile, warns the Sydney-based cyber-crime expert Julian Plummer. “Hackers use a ‘wi-fi pineapple’ to mimic a public wi-fi access point, and logging on to these malicious wi-fi access points allows hackers to intercept any unencrypted personal data.”
Hackers can also reach business’s mobile phones via the public cell phone charging stations, often found at airports and train stations. USB ports can pass data through them and essentially infect your device, along with every other device that plugged into the port before you. At a busy airport where people are coming and going all day long, that’s a lot of risk. One way that this works is that a cybercriminal purposely leaves a phone charger behind. You come along and, rather than pull out your own charger, you just use the one that’s there. What you have no way of knowing is that there’s an extra chip inside the cord that deploys malware.
If sensitive documents have been shared to one of these phones, then the sensitive information is easy prey for hackers who can sell it to anyone they like.
Cyber attacks on businesses are up 205 per cent in the past year, according to Vodafone statistics. Wellington-based cyber security entrepreneur Kendra Ross warns that many New Zealand businesses were oblivious to threat of such theft of corporate documents, particularly through things like mobile phones, IoT and other smart devices. Document sharing is again the source of many breaches.
Bring your own device – but connect with care
Board members nearly all use their own devices to communicate with each other about their work. Yet a survey by Infonetics shows that 64 per cent of personal devices used at work have had sensitive corporate data stolen.
In an Australian March 2019 survey by IDG Communications:
- One in five organisations lacks visibility into basic, native mobile apps on personal devices;
- Only 56 per cent of companies employ key functionality like remote wipe for removing sensitive data from endpoints;
- 43 per cent of organisations don’t know if any BYOD or managed devices downloaded malware, indicating a significant lack of visibility;
- 24 per cent of organisations don’t secure email on BYOD at all.
“These statistics indicate that companies aren’t entirely prepared to secure data properly in BYOD environments, although 51 per cent of respondents believe that the volume of threats targeting mobile devices is continuing to increase,” according to the survey.
About 30 per cent of Australian companies surveyed still do not allow BYOD due to security concerns, the survey shows. But it is highly probable that in the coming years companies will alter their practice in order to maintain a competitive stance in the market.
What’s more, these personal devices are used to exchange email or messaging; in fact, Over half of sensitive internal board communiques happen over personal email, writes Forrester Research in a recent report. Fifty-six percent of board members are using personal email (not business-regulated email) to communicate about board matters. This type of practice leaves boards vulnerable to potential cyberattacks, breaches, and inadvertent data leaks. While just over a third of boards rely on closed-loop secure communication channels, the rest are risking potential material loss by using unsecured communication methods.
Insecure document-sharing is a high priority for cyber security experts, as nearly half of firms in Australia and New Zealand make it a high priority. This is because web browsers are the most-used engines for document sharing, the Infonetics survey shows.
According to a recent study by the Ponemon Institute, the Ponemon Institute, organisations are not aware how pervasive the use of browser-based document-sharing applications has become. In this study, more than half (51 per cent) of respondents say their employees use at least one browser-based file sharing tool. However, more than one-third (34 per cent ) of respondents do not know the extent to which these applications are being used in the workplace.
Board directors deal with much more confidential and sensitive information than most other people – and the need for them to be able to share documents in complete security is critical. The best tool for board directors to work efficiently in a secure environment is to use a highly secure board management software system that was designed by an industry leader in Modern Governance.
Modern Governance Requires a Board Management Software Platform
Diligent designed a secure platform for board communication and collaboration. The software designers really listened to their board member customers and learned about the particular needs that boards have.
Diligent Corporation put together an entire suite of board management governance software solutions and made sure that they all fully integrate with each other and that there is no risk of one product spreading a virus to another. Everything with Diligent products resides in the cloud and is available online and offline, so companies don’t even need VPN.
A specific way that boards can protect themselves is by using the user permission feature to ensure that only the right people get access to sensitive information and that the rest remains confidential. If sensitive information somehow got taken, encryption adds a layer of protection. Diligent is aware that encryption needs to follow industry best practices and evolve to ensure that digital board tools have the strictest security measures possible.
September 7, 2020
Avoiding Cyber Confusion in the Board Room
It is imperative that Directors understand the cyber risks facing their companies and organisations. The increasingly complex internal and external landscape presents unique challenges for Boards. Several key steps can however significantly increase the cyber resilience of any company or organisation, irrespective of size. The article outlines five key steps…
August 20, 2020
Minimising the Risk of Virtual Meetings: 5 Practices Boards Should Avoid
Months into the COVID-19 lockdown, remote workers—and board members—have become more accustomed to virtual meetings. They’ve found a quiet place in the house, mastered the mute and camera buttons, and fully styled their background bookcases and “Zoom couture.” Yet as virtual work becomes a way of life, not all adaptive…
January 30, 2020
Voice Assistants in the Boardroom: The Pro’s and Con’s
Australians are going crazy for voice assistants – they are selling faster there than in the US, according to Voicebot.ai, and 5.7 million Aussies already have them. They are becoming popular in New Zealand too, reportedly, although there has been some scarcity…