Australia has improved on its preparedness for cyber attacks, according to a new report.
In the 2017 Global Cybersecurity Assurance Report Card, it was the only country assessed to achieve a better overall score over the past year. It is up two points from 69 per cent to 71 per cent (a grade of C-). The new rating was influenced by a rise in the Security Assurance Index from 60 per cent to 78 per cent (C+) and a fall in the Risk Assessment Index from 69 per cent to 64 per cent (D).
"Ensuring effective security … may require a different approach for many in 2017."
Some areas need attention
Insights provided by 700 information security professionals in nine countries, including Australia, were used to calculate scores reflective of overall confidence in cybersecurity efforts.
Matt Brigham, ANZ regional sales manager at Tenable Network Security, said the report suggests that certain areas within Australia's IT environment are potentially vulnerable and need attention.
"While Australian security practitioners have made some progress this year in their overall risk and compliance initiatives, the research shows that there are critical gaps in assessing DevOps environments, physical servers in data centres and mobile devices," said Mr Brigham.
"Organisations now have IT infrastructures that incorporate mobile devices, remote access, and usage of cloud-based resources and services. Ensuring effective security in this environment may require a different approach for many in 2017, one that eliminates security blind spots and reduces overall attack surfaces, while prioritising threats so the IT team is not overwhelmed."
Global cybersecurity confidence falls
According to this year's report card, overall global cybersecurity confidence declined by six points to achieve a rating of 70 per cent (C-). This reduction in confidence was largely caused by a 12-point fall in the Risk Assessment Index, which determines respondents' abilities to determine cyber risk within 11 key areas of the enterprise IT landscape.
The table below shows the overall cybersecurity assurance report card ratings and grades.
2017 Global Cybersecurity Assurance Report Card – By Country
|Country||Rating (per cent)||Grade|
As this table shows, despite recent improvements in Australia's cybersecurity readiness, it is still in the middle of the pack relative to other countries.
How concerned should recruiters be?
Today's reality is that cyberattacks have become a major threat for organisations globally, with hackers motivated by a range of agendas. In Australia, the most likely type of cyberattacks are those that are trying to obtain personal information (identity theft) or money (fraud), or to take a website down (disrupt business).
Dennis Rodriguez, IT manager at FastTrack Recruitment, said being hacked is a serious problem, regardless of the breach's size.
"Even if a hacker obtains only 10 per cent of a firm's information, that could be more than enough for them to do some damage," said Mr Rodriguez.
"Cyberattacks could be occurring right now … They are happening all the time and should be an ever-present concern for companies, especially those in the recruitment industry."
Personal information such as names, emails and addresses can be used to open bank accounts or hack into social media accounts.
"Sometimes it's all that's needed … It's the type of information that recruiters or hiring managers hold and can be a target for hackers looking to gain access to personal details," Mr Rodriguez added.
FastTrack has incorporated world-class security features in its recruitment software solutions.
FastTrack leads the way in cybersecurity
Given the nature of recruitment, in which agencies often hold personal data on thousands of candidates, FastTrack has incorporated world-class security features in its recruitment software solutions.
Customers will sometimes enquire about our security measures, especially following reports of large-scale cyberattacks in the media. We assure them that our software is very secure and, if a particular threat is new, we will perform a security update to protect the system against it. These types of security updates are an ongoing priority for us, as they are for many software providers.
In addition to training on security features during the software's implementation phase, FastTrack actively reminds users about best-practice security behaviours on an ongoing basis. Keeping users informed about why they need to adopt such practices and utilise the security features within FastTrack is an important part of of our customer service process.
For the most part, it is about educating users on the need to create a complex password for access to the system. While it seems like a simple measure, employees worldwide continue to risk their organisation's data by choosing a password that is easy to hack.
For more information about our novel FastTrack recruitment software, please contact us today.