Social - Clear

Company Slogan

THE STRAIGHT TALKING ALTERNATIVE

Social - Clear

What Impact Does a Data Breach Have on Your Customer Base?

What Impact Does a Data Breach Have on Your Customer Base? We have gone through the technical aspects of data breaches in some detail, notably in our recent eBook. However, the business impacts are just as (if not more) important.

When your organisation suffers a data breach, the damage is more than lost data or costs to restore a system. Reputational damage can result in significant customer churn.


How do data breaches impact customer churn?

In IBM and The Ponemon Institute's research report on data breaches in Australia, the organisations outlined the exact breakdown of breach costs.

On average, a data breach cost businesses $139 per compromised file. That breaks down to $60 in technical costs, and $79 to indirect costs like customer churn. That's an average of 56 per cent of data breach costs coming through issues of customer retention.

Some sectors are more susceptible to this than others. Financial services and technology companies recorded higher than average churn after a data breach, while hospitality and retail are among those with more limited churn impacts.

At its core, this is an issue of trust. If your organisation deals in personal or private information, particularly financial data, there is an expectation that your company will be able to keep it secure. When it fails to do this, it fails at the core of its business. That is perhaps why churn in those sectors is so much higher than in retail or hospitality, where data security is not a core theme.

Lost records mean lost trust, which in turn means lost business. But how can you go about minimising this churn?


How to minimise the business impacts of a data breach

In trend terms, the churn-related impacts of a data breach are on the decline. IBM and Ponemon's research noted a 5.3 per cent drop in these costs over 2017, particularly among companies that had a lower technical cost per record.

One of the keys to this could be brand management. Your response to a data breach shouldn't just be in line with the Notifiable Data Breaches scheme - it should be part of a wider strategy to regain the trust of your customer base.


1. Future-proofing and transparency

Consider Facebook's response to the Cambridge Analytica scandal - one of the most reputationally damaging events in history. Beyond repairing the immediate harm, the company completely overhauled its privacy settings and communicated those changes to users clearly. Well, relatively clearly. The company's stock continued to fall after the event, but this is a prime example of future-proofing in a transparent manner, of demonstrating a commitment to safety and security in the eyes of your customers.


2. Implement best practice early

Data breaches will, to a certain degree, always have an element of embarrassment to them. However, if your company can demonstrate to customers that it has a strong history of best-practice data security, this may go a long way towards minimising churn.

As an example of this done wrong, look no further than the Australian government. Early 2018 saw the leak of confidential written documents that were stored in a cabinet that was sold in a second-hand store. Regular audits of your information storage and best-practice rules on digitisation are a must at the very least.


Use people you trust

Click here to download the White Paper

In many cases, businesses simply won't have the in-house expertise required to implement proper data security strategies. And that's OK! The team at Over the Wire are network specialists - local experts who will partner with you to understand exactly what your business needs.

It's a surefire way of tightening up security, demonstrating to customers that you take handling their information seriously, and mitigating the churn that results from a data breach. Don't forget to download and implement our white paper, 6 Steps to Improve Your Business Cyber Security here.

Act early, act in good faith and act smart. Get in touch with the Over the Wire team to minimise risks today.

OTW #69 in Financial Review Fast 100 - 2018

Financial Review Fast 100 - Over the Wire ranked 69 The Australian Financial Review has released the Financial Review Fast 100 list for 2018, comprising of Australian businesses that have shown consistent, high growth over time. The rankings were calculated on a 3-year average of year-on-year growth percentage.

In the FY16 - FY18 period Over the Wire achieved an average year-on-year growth of 49.2%, which placed us at Rank 69 on the Fast 100 list. This is the second year in a row that Over the Wire has made the list published by AFR, ranking 74th in 2017.

Thank you for the fantastic, ongoing support from our clients and the amazing commitment from our team; we could not have achieved this result without you.


What is SD WAN?

What is SD WAN? SD -WAN is a prominent buzz word at the moment in the world of corporate telecommunications. Literally, it is an acronym for Software Defined Wide Area Network(ing), but what does that mean in practice? In this article we explore some of the capabilities of SD-WAN and what it might mean for your organisation.


The Basics of Corporate Networks

Most corporate networks in Australia today are built on private MPLS (MultiProtocol Label Switching) technology. These private networks are distinct and separate from the public Internet, and are only able to interact with it based on the business’s security policies. These policies are enforced by a firewall which separates and regulates the flow of data between the public Internet and the private corporate network.


A different paradigm: SD-WAN

When people talk about SD-WAN in a corporate network setting, they are usually referring to an approach which uses CPE’s (Customer Premise Equipment) that run more advanced software to effectively build a virtual network over the top of any underlying network – public or private.

Each branch typically ends up having its own firewalled Internet link, and the corporate network itself might even be run over the Internet through secure VPN (Virtual Private Network) tunnels.


What are the Pros and Cons?

MPLS and SD-WAN each has advantages and disadvantages which may be relevant depending on an organisation’s requirements. It can be optimal to combine elements of both approaches to deliver what is knowns as a Hybrid WAN solution. A comparison of the two approaches to some key areas follows.

Security

To be secure, SD-WAN requires encrypted VPN tunnels between sites and relies on firewalls at each Internet connection point to secure your corporate data. These are proven technologies, but is a VPN (Virtual Private Network) over the Internet as secure as an ACTUAL private network that doesn’t run over the Internet at all? The answer to that is more complex than the scope of this article.

With proper configuration either a VPN or private MPLS approach can be considered secure. An even more secure solution can be achieved via a hybrid WAN configuration that uses encrypted VPN tunnels over private MPLS links. The best approach depends on your organisation’s needs and budget.


Network Visibility and Orchestration

The more advanced software that runs on SD-WAN devices can give improved visibility and orchestration of network traffic. In practice OTW’s Advanced ESP firewall can provide similar network edge reporting for a private network.

The ultimate in network reporting and orchestration can be delivered via an integrated solution between Advanced ESP and compatible SD-WAN devices. Once again, the best approach comes down to your organisation’s needs and budget.


Critical Traffic: Application Prioritisation vs QoS

Certain types of network traffic are affected by fluctuations in network performance much more than general traffic. Examples of sensitive traffic include voice, realtime video and terminal services. SD-WAN and private MPLS each have the capability to provide priority to critical traffic, but they use different approaches which can lead to different outcomes.

A private MPLS network provides priority to critical traffic such as voice using end-to-end QoS (Quality of Service). End-to-end QoS is the gold standard in traffic management, with every step in the data’s journey managing its priority and ensuring that it will be delivered promptly and in the same order it was sent. Assurance of voice quality can only be achieved with the benefit of end-to-end QoS.

An SD-WAN network cannot deliver end-to-end QoS over a public network like the Internet. Instead, SD-WAN can make decisions about which link to send traffic along depending on what application the data belongs to, and the current performance of the available links. This makes SD-WAN adept at optimising the utilisation and performance of multiple links to a single site, whether this is implemented as providing active/active load balancing between links, split tunnelling based on application, or low priority traffic being sent down cheaper low quality links, while high priority traffic is sent down the best available link at a point in time.

The flexibility of application prioritisation has many uses, but it should be noted that application layer priority cannot provide the same consistency and assurance of voice quality as end-to-end QoS. For an SD-WAN solution to achieve that standard, the underlying network layer still needs to be an appropriate high quality private MPLS link that supports QoS, effectively making it a hybrid WAN solution.


International

When a corporate network involves international locations, the cost and logistics of deploying private MPLS connectivity to those locations can be prohibitive. SD-WAN shines in this situation, allowing an office to be connected to the network simply by sending an SD-WAN device to the site and connecting it to an easily available Internet link.


Cost

There is significant hype in the market about SD-WAN enabling organisations to cut the cost of their WAN. The SD-WAN vendors who promote this claim are mostly based in the USA where the wholesale network connectivity landscape is quite different - in Australia, private MPLS links are more affordable compared to commodity Internet links. As a result, the higher cost of SD-WAN endpoints typically offsets the gains from reduced tail costs, resulting in a similar Total Cost of Ownership.

At the end of the day, whether a network solution is based on SD-WAN, private MPLS, or a Hybrid WAN approach, in most cases the only way to materially cut networking costs is to sacrifice link quality or network resilience.


The Right Solution for your Organisation

There is no “one solution fits all” when it comes to corporate networks. It takes professionals who understand the finer details of networks and business requirements to develop the best solution for your needs.

Over the Wire is uniquely positioned to design and deliver the style of network solution that makes sense for your organisation, whether it is based on private MPLS, SD-WAN or an integrated combination of both. Over the Wire’s years of experience in converged voice & data networks and managed security, combined with our status as a Fortinet Gold Partner, enables us to deliver a network solution which provides the standards of quality and security that you require.

Contact a member of the Over the Wire team today using the form below.

What protection does cyber insurance offer your business and who should invest in it?

What protection does cyber insurance offer your business and who should invest in it? Data breaches: they're expensive. Research from IBM and the Ponemon Institute puts the average per-record cost of breaches at $139. Given that 41 per cent of their survey respondents had more than 1,000 records affected, this takes the immediate cost impact of a data breach to over the $100,000 mark.

Considering how quickly a breach can impact numerous records, that's a cost that many businesses won't be able to bear. While we at Over the Wire will always recommend managed security services and prevention as the best cure, for the majority of organisations it’s the employees that are the weakest link. A mobile workforce, IoT devices and spear-phishing campaigns all present a potential cyber risk, and your security policies need to address them all.

Enter cyber insurance. A relatively new phenomenon, it seems to offer financial protection for businesses that do suffer a data breach. But what sort of coverage does cyber insurance provide?


How cyber insurance works for Australian businesses

Cyber liability insurance generally covers against two primary costs: keeping your data and networks secure and the price of disruption to business continuity. Many policies can also cover specific events or types of attacks, such as DDoS breaches or malware infection.

The Government’s Australian Cyber Security Centre (ACSC) noted in its 2017 threat report that cyber insurance was an industry undergoing rapid growth. As more high-profile attacks occur and businesses become more aware of the widespread impacts a single breach can have, it's popularity will increase.

For example, IBISWorld research from the USA in 2016 showed 15.3 per cent annualised growth in the sector over the previous five years. While this growth hasn't been reflected in the Australian market yet, it's only a matter of time before it gains more traction.


Can cyber insurance protect against every security threat?

This is unlikely. Insurance policies are, by design, tailored to protect a business or individual financially against specific events and have a wide set of exclusions. However, threats to cyber security evolve at an alarming rate, with new strains of malware or variants on existing viruses cropping up every single day. We've actually covered this recently - you can see three cyber threats that could defeat your legacy cyber security systems in 2018 highlighted by the ACSC here.

The point is, a cyber insurance policy would have to be impossibly broad to provide adequate cover for an Australian business. It can mitigate some of the cost of recovery or lost information, but the true breadth of a breach is as hard to cover as it is to predict.

Further to this, the ACSC argues that the allotted payment may not be enough to cover the true cost of a data breach. The IBM/Ponemon research shows that the costs of a data breach can include:

  • Information recovery and repair.
  • Breach identification and containment.
  • Notifying affected parts (including the Office of the Australian Information Commissioner) of the breach.
  • Fines for non-compliant reporting.
  • Customer churn and associated reputational damage.
  • Implementation of new security measures and training.
  • Lost intellectual property and reinforcing of this protection.

Put simply, cyber insurance is a useful tool for mitigating some data breach costs. It is not, however, a catch-all.


Should you cyber insure your business?

The problem may be that the insurer may not want to insure your organisation unless you have the basic controls for cyber security in place. Therefore implementation of the Government’s Australian Signals Directorate Essential Eight may be a pre-condition to obtaining a premium.

As the ACSC rightly notes, cyber insurance has its place, and that is alongside existing data breach prevention strategies. In particular, organisations should be implementing the Essential Eight, and take any extra steps that are easy to enforce at a business level.

This is the true prevention method. Educate staff, tighten up your security protocols, whitelist and constantly patch/harden software, and limit your administrator privileges wherever possible. Cyber insurance can limit your exposure to financial risk should the worst happen - but in itself is not a preventative measure.

Partner with the experts

Click here to download the White Paper

To start planning your cyber security strategy, make sure you partner with experts. Our white paper 6 steps to improve your business cybersecurity contains security tips you can put into action immediately to help protect your business.

Over the Wire's managed security services allows your business to mitigate risk by keeping ahead of security vulnerabilities. To learn more contact the Over the Wire team today.

3 cyber threats that could defeat your legacy cyber security systems in 2018

3 cyber threats that could defeat your legacy cyber security systems in 2018 At this point, hopefully your organisation's data security is up to scratch. The Notifiable Data Breaches scheme is in full effect for organisations who have obligations under the Privacy Act. Organisations should by now have conducted rigorous assessments of their data security and have comprehensive mitigation and response strategies in place.

Everything from individual security protocols and education to the strength and number of your firewalls should be analysed, weak points addressed and fail-safes for identifying and reporting breaches established.

However, your data security can't be static. In 2018, threats to your business move faster than ever before - the same technology that amplifies your organisation's capabilities also provides new entry points for malicious entities. You need to ensure you are protected from the latest threats that will otherwise bypass your legacy security systems. Here are three warnings that the Government’s Australian Cyber Security Centre (ACSC) wants you to know about.


1. Risks with Meltdown and Spectre patches

In January, the ACSC reported on difficulties faced by organisations that attempted to patch operating systems to protect against Meltdown and Spectre. Microsoft released these updates, but they proved incompatible with many existing security systems. In fact, Intel reported that there was a risk of information loss or corruption, as well as general system instability.

Even patches from trusted, household names can sometimes fail to remediate your data security. A new patch variant has been released to mitigate these risks, and monthly security updates from Windows can help to address any issues.


2. Bitcoin mining through Texthelp

Everyone wants to get their slice of the Bitcoin pie, and that goes double for malicious cyber criminals. On February 12, the ACSC alerted consumers to the presence of an unauthorised mining system, embedded in Texthelp's text-to-speech plugin, called BrowseAloud.

While a breach of trust, the ACSC advises this is not a full-blown data breach. Over 4,000 websites that featured the BrowseAloud functionality had their websites infected with Coinhive code. Coinhive generates Monero – a type of cryptocurrency. Texthelp took the plugin offline for a full examination of how the miner was inserted.

This is a good example of early detection, even if the breach was not designed to cause harm to those using the plugin. All told, The Guardian reports that the cryptocurrency mining netted the hackers $24 - hardly a worthwhile day's work.


3. Vulnerabilities in Cisco software

Cisco produces a great deal of software, for anything from analytics to unified communications. In February 2018, they announced the discovery of vulnerabilities in their security products and firewalls that could lead to denial of service attacks or remote code execution.

The weakness could enable malicious entities to execute meaningless filler code, taking up memory and forcing a reset of your system or rendering it unable to approve VPN authentication requests.


Take the next step with your data security

Click here to download the eBook

These 2018 cyber security threats have been dealt with swiftly by the parties responsible for patching them. It is essential that system administrators ensure that patches are deployed as soon as possible in a systematic and controlled way.

It's a 24-hour job, and that’s a big requirement - even for larger organisations with dedicated resources. Labour hours, technological know-how and the ability to execute restorative action are all must-haves in this environment. That's why managed security services can be so critical. By handing the reins over to trusted, local experts that are on hand at all hours, you can get the best for your business without you personally needing to stay on top of every new threat or development. Learn more about Over the Wire's managed security here.

There is no true endpoint in data security. Threats continue to evolve, so security systems must be in a constant state of change. Take the first step of improving your data security by downloading our 24 page cyber security eBook.

For expert advice on how to improve your data security, contact the Over the Wire team today or complete the form below and one of our friendly team members will be in touch with you shortly.

5 ways blockchain can help Australian businesses

5 ways blockchain can help Australian businesses Blockchain technology is revolutionising how organisations work. By creating a decentralised system through which information passes, validated on a P2P basis rather than a gatekeeping authority, businesses and not-for-profits can take advantage of huge potential efficiencies in operational processes that previously took days.

For example, you may have heard about Ethereum, a public blockchain network used by the UN’s World Food Programme to underpin a cashless economy for Syrian refugees. The instant validation of data means that this kind of process is applicable all around the world.

In Australia, businesses are starting to take note - here are five ways your business could leverage blockchain technology.


1. Customer identification

By employing blockchain, financial services organisations could tap into untold efficiencies in customer identification.

In a recent piece by iGTB Senior Business Analyst Binu Yohannan, he argues that the blockchain can serve as a single repository of customer identification information for an entire industry sector. With the appropriate encryption and data security regulations, the blockchain could store a bank's customer or transaction information in a database with all other institutions in the same country or city.

This gives organisations access to real-time, secure information that would otherwise be held up in the gatekeeping processes banks commit to on an individual basis.


2. Smart contracts

A smart contract is a computer program that contains a set of legal rules for negotiating the terms of an agreement. The rules can automatically be enforced and the agreed terms executed without the need for third party approval.

Smart contract data is encrypted and stored on a shared ledger in a Blockchain so in theory it is secure and immutable.

There have been exploits of smart contracts in the past, so it's important that your code is as airtight as your network security.


3. International payments

International payments can be made much faster and in a more transparent manner through the blockchain, according to Mastercard. The credit card giant is embracing the blockchain in a bid to overcome speed- and cost-related hold-ups in global B2B transactions.

An Accenture report suggests a 70 per cent drop in financial reporting costs through blockchain, as well as a 30 per cent decrease in compliance-related costs. By settling B2B transactions in the digital sphere without third party risks, businesses can realise massive financial benefits.


4. Voting and corporate governance

The transparency and P2P verification of a blockchain network makes it ideal for ensuring information is both secure and accurate. While this has largely meant financial institutions are benefiting from the tech, any enterprise involved in any kind of election can also reap the rewards.

By skipping third parties (in this case an electoral authority), organisations can create a shared voting ledger that records and validates data without fear of tampering. It's ideal for true insight into how an employee base (or even an entire population) wishes to vote.


5. Democratising the music industry

A tale as old as time - how do artists get paid for the full value of their work? The answer could lie in blockchain.

Writing for Techcrunch in 2016, TechTalks founder Ben Dickson argued that a single database on a blockchain network could contain artists' music, including copyrights, licensing fees, time stamps and unique identifiers. Tamper-proof and concreted in the system, individuals and businesses could then buy the music for a transparent dollar value, which is then permanently recorded in the chain.

By skipping third parties like labels and streaming services, people can pay artists directly for their music in a transparent, efficient manner.


What are you waiting for?

Click here to download the eBook Blockchain technology has levelled the playing field in so many ways. No longer do banks, record labels or other third-party authorities control information and money in the way they used to. It's a complete democratisation of information, but it's also absolutely reliant on data networks - which can be fallible.

The blockchain can revolutionise your business, yes, but without the right security protocols the information you submit to it could be vulnerable.

That's where Over the Wire can help - read our latest e-book to learn more about the primary areas of cyber risk and find out more about beefing up your security.

Beyond the Essential Eight: Extra Business Cyber Security Tips

Beyond the Essential Eight: Extra Business Cyber Security Tips In 2018, cyber security threats are moving faster than ever before. The Essential Eight (EE) is a shortlist of critical data security strategies developed by the Australian Signals Directorate (ASD) that informed our White Paper, 6 Steps to Improve your Business Cyber Security, but here are some additional mitigation tactics for your corporate defences.


1. Protect Your Website Content Management System (CMS)

Good data security means protecting every access point to your network - for many businesses, that means protecting their external-facing CMS.

A compromised CMS can lead to attackers accessing other protected areas of your website, installing malware or enabling remote access for third parties (like bitcoin mining tools), or perhaps even sabotaging your reputation by publishing unsavory content on your website. Even if your website contains no private information, such a breach indicates website frailty and can damage trust with consumers.

You can mitigate threats here by:

  • Using a managed CMS hosting platform, or work within the ASD's certified list of cloud providers.
  • Continuously maintain and patch your CMS to avoid publicly available frailties. This includes scripting environments, third party applications and custom code.
  • Remove or disable unnecessary third-party plugins and detailed error messages that attackers can exploit.
  • Employ change management in CMS deployment and file integrity monitoring.

2. Perfect your policies on social media

Social media: the Wild West of data security. Beyond the immediate risk of employees posting sensitive information on social media, staff who clearly identify as working for your organisation can do reputational damage with even a seemingly benign personal post.

The ASD warns that isolated incidences of information posted on social media, no matter how disparate, can be accrued by attackers and used for manipulation, targeted social engineering campaigns or exerting undue influence on the poster.

To mitigate risks in the social media environment, your policies must be comprehensive. They should cover:

  • Whether staff can identify themselves as affiliated with the company on personal profiles.
  • Training and explicit guidelines on the use of corporate social media accounts.
  • When access to company social media accounts is given and revoked.
  • How to recover accounts should they be hijacked and when to alert management of a potential breach.
  • Password protocols - for example, to never have a browser remember account details.

Social media can be a minefield to navigate, as so much of your security in this arena relies on basic common sense. Be as explicit as you can in your policy about any potential threats, and you can go a long way to protecting your business.


3. Learn to identify socially-engineered messages

Social-engineering messages are a critical part of spear-phishing campaigns, which the Australian Cyber Security Centre identified as a common threat to Australian corporates. The more education you can provide to staff on identifying these emails, the better-prepared your organisation will be in the future.

Most of the time, this can be straightforward. Teach staff to ask the following whenever they receive an email regarding sensitive information:

  • Is the sender recognisable, and is their email address spelled correctly?
  • Are they asking you to open a suspicious attachment or link?
  • Are they requesting sensitive information or the transfer of funds?
  • Is there a request for a specific activity (like enabling Microsoft Office macros)?
  • Is the sender asking for information that they should not usually be able to access?

If any red flags arise, teach staff about what to do next. They should not delete the message, they should forward it to their IT department or other relevant body. Confirming details of requests with the alleged sender over the phone or in person is also an excellent way of identifying socially engineered messages. To learn more about cyber threats through email, read our article 5 Ways Your Business Can Prevent Email Compromise.


Click here to download the eBook

What to do next

It's 2018, and extensive information about ourselves and our businesses is online. It's important to take every step possible to protect that information, and prevent malicious attackers from exploiting it. Dive deeper into the identification and protection of cyber threats by downloading our 24 page cyber security eBook.

For expert advice on how to improve your data security, contact the Over the Wire team today or complete the form below and one of our friendly team members will be in touch with you shortly.

10 household names you didn't know suffered a data breach

10 household names you didn't know suffered a data breach Suffering a data breach doesn't mean your organisation is poorly run. While it's crucial to have network security and internal systems in place to keep your business protected, cybercriminals are incredibly advanced. Some of the biggest organisations in the world fall prey to data breaches, as we'll show you today.

This information comes from Have I Been Pwnd (HIBP), a website that has recently partnered with the Australia Cyber Security Centre (ACSC). By identifying breaches and showcasing the breadth and scale of them, both bodies hope to keep Australians up to date with the latest in data security. How many of these breached companies do you recognise?



1. Adobe

The software giant, primarily known for its design products, suffered a massive breach in 2013. This saw hackers gain access to information on 153 million accounts, including encrypted passwords.

2. BitTorrent

Even if you haven't downloaded using P2P torrents, chances are you've heard of the big-name downloading clients - with BitTorrent chief among them. In January 2016, forums for the software suffered a data breach, which led to more than 34,000 users having email and IP addresses compromised.



3. Coachella

Coachella is arguably the biggest music festival in the world, which perhaps made it a prime target for malicious cybercriminals. In February last year, hackers took nearly 600,000 records from both the festival website and its associated forums, before trying to sell them online.



4. Dominos

Cybercriminals use leaked information in many ways. In the case of Domino's in France and Belgium, hackers accessed 648,000 records in their network and tried to hold the company to ransom or they would release the information publicly. Domino's didn't pay up, and the data was released six months after the June 2014 breach.

5. LinkedIn

One of the larger hacks on this list, more than 164 million LinkedIn users had their data compromised in 2012. However, these email addresses and passwords weren't marked as breached until May 2016, when the data popped up for sale on the dark web.



6. Kickstarter

The renowned crowd-funding site suffered a data breach in 2014, which impacted some 5.2 million unique email addresses. While personal financial details were kept safe, usernames and salted SHA1 password hashes were revealed, which can compromise other accounts with the same information.

7. Snapchat

Snapchat somewhat built their own demise in 2014. HIBP notes that shortly after the company stated a brute force attack on their database was theoretical, hackers did just that and accessed 4.6 million users' names, locations and even phone numbers.



8. Myspace

Another case of delayed selling of information, this time eight years later. In 2008, cybercriminals breached MySpace's security and gained the emails, usernames and passwords of a whopping 359 million users. It wasn't noticed until the information was put up for sale in May 2016.



9. Sony

A household name, whose hack is already household knowledge. In 2011, everything from Sony Pictures through to the PlayStation Network was compromised due to an SQL injection weakness. At 37,000 accounts breached, it is one of the smallest breaches here in number of records, but one of the most widely reported.

10. Vodafone

This breach occurred in Iceland but shows how even trusted names in tech can unwittingly leave you exposed. In 2013, hackers got everything from credit card details to passwords to SMS messaging histories for some 56,000 users.


Has your email address been pwned?

Have I Been Pwnd (HIBP) is a platform that allows you to check if your email address has been part of a data breach. With millions of email addresses stolen over countless data breaches, if you've used the same email address for several years, there is a fair chance it has made it onto a hackers list or two. Check your email address here.


It can happen to anyone - so everyone should be prepared

Click here to download the White Paper It's important to note that data breaches can have a widespread impact. The ACSC notes that interdependencies between systems or shared cloud vulnerabilities can mean that when one attack strikes, multiple organisations can suffer.

This means your data security has to be thorough, widespread and constantly evolving. To get you started, you can learn about six things you can do right now to help protect your business from a data breach today by downloading our white paper, 6 Steps to Improve your Business Cyber Security.

For a more in depth look at network security you can learn more about Over the Wire's managed security solution, Edge Security Protection, our advanced firewall solution. To see how your business can benefit, get in touch with the team at Over the Wire by completing the form below.

3rd Generation of our Managed Security Platform Launched

OTW becomes a major Fortinet cloud Managed Security provider Following 18-months of R&D, we have embraced Fortinet’s virtualised cloud deployment model to offer Managed Security and network services to Australian businesses. Over the Wire and subsidiary Telarus have been using Fortinet’s security platform for nearly a decade and we're excited to launch our 3rd generation of the Managed Security offering.

Leveraging our existing private cloud environment, which has nodes in Melbourne, Sydney and Brisbane, we are able to expand the security platform onto our private cloud. This means that our customers will be able to benefit from a diverse and complex managed security solution at the core of their business WAN while avoiding large hardware capital expenditure.

“Previously we had deployed appliances in diverse data centres but found that this model lacked the flexibility required by growing businesses. Not only does the physical security appliance model require the purchase of redundant hardware, but as soon as a client needs additional capacity or features there is the risk that all the old hardware becomes obsolete,” says Scott Allen, Over the Wire’s National Manager of Presales. “By leveraging Fortinet’s VM licensing and moving the physical infrastructure requirements onto our existing cloud nodes we can rapidly deploy or upgrade a customer’s environment without risk of having wasted tin sitting around at the end of the process, meaning a faster turnaround at a lower cost.”

The decision to retain Fortinet as the security vendor extends a relationship that has been ongoing since 2010. The Fortinet Security Fabric enables Over the Wire customers to benefit from a comprehensive suite of security intelligence, integrated seamlessly into their corporate network.

“Beyond the standard detection, prevention, content filtering and reporting, the Fortinet offering also gives Over the Wire customers greater peace-of-mind,” Scott continues. The Fortinet Security Fabric helps businesses to be one step ahead through the AI and Machine Learning Fortinet uses on data from millions of connected end-points worldwide, meaning better detection and blocking of ‘Zero-Day’ threats. “By adding this at the private network level and managing it for them, our customers get a comprehensive network security solution, not simply a security appliance deployed in isolation,” Scott Allen explains.

With the Notifiable Data Breach scheme introduced earlier this year and other security issues in the news regularly, corporate data security has become a hot topic. At Over the Wire we believe in the importance of a robust, managed security solution. This gives Australian businesses access to expert support and enterprise-grade solution deployments that would otherwise be out of reach for most organisations.

Learn more about Over the Wire's Managed Security solutions online or contact our team to organise a security discussion session today.


What is private blockchain, and which types of organisation can benefit?

5 ways blockchain can help Australian businesses Believe it or not, blockchain is nearly 10 years old. Since 2009, the technology has acted as the digital ledger through which Bitcoin transactions pass – it’s been the critical piece of infrastructure behind the rise of cryptocurrencies.

By establishing a shared digital ledger, public blockchain technology has levelled the playing field for currency-based transactions by democratising the flow of transactions, making them visible to anyone.

However, the same technology can be deployed within a private blockchain scenario. While more restricted in capability, this technology can have massive benefits for Australian business.


How does private blockchain work, and how is it different from public?

In a public blockchain, anyone can read or make transactions as it is an open-source model with no centralised database or governance. New transactions are added to the existing string (the proverbial blockchain), providing a comprehensive and transparent history of all purchases and sales that every participant has read, write or audit access to.

It allows for real-time transactions, with pre-existing nodes (participants) validating credentials and balances instead of third parties like banks. It's an autonomous, self-validating, constantly evolving chain of activity that anyone can interact with. Bitcoin is the pre-eminent example of public blockchain technology.

Private blockchain operates under the same principles as public, but with a set operator of the string and a clearly defined set of boundaries. It contains all of the self-validating benefits of the public blockchain, but retains the privacy and centralised control that people associate with traditional transactional models.


The benefits of private blockchain for Australian businesses

If a business wants to use blockchain technology, it will typically be for one of the following operations:

  • Financial transactions.
  • Automate record transfer, keeping and sharing.
  • Vote counting (and preventing fraud in electoral processes).

Forbes reports that blockchain and biometric eyeball scanning technologies underpin the systems that support food distribution in the Syrian refugee crisis. While there are many further uses of blockchain, at the core of its business functionality is the creation of transparent, stacking “ledgers” of information. This is where private blockchain can prove extremely useful.


1. Security

In a private blockchain, organisations can control exactly who has read, write or audit permissions. This is critical for industries like financial and professional services, where data will often be sensitive and its release could constitute a data breach.

Restricting administrator privileges is one of the key elements in the Australian Signals Directorate's 'Essential Eight'. By combining this tactic with the shared infrastructural benefits that blockchain offers, businesses get the best of both worlds.


2. Automation

Because transactions are instantaneous and non-refundable, privatising blockchain can also greatly reduce red tape when transmitting communications or funds within a single organisation. It's not just the democratisation of transfers; it's the automation of them, too.


3. Revolution

A recent EY (a global leader in knowledge management) blockchain revolution paper notes a core problem holding public blockchain back from widespread success - identity. The lack of digital-based identity behind the blockchain means that it cannot break through current regulatory red tape.

However, if organisations can establish a clear digital identity that people interact with through the blockchain (which is likely easier under a private model), EY argues that this could revolutionise financial services. Clear, realised value is no longer relative to the blockchain - it becomes a tangible competitor to real-world markets.


What to look out for in private blockchain

Click here to download the eBook The security of private blockchain does come with certain drawbacks. In the same sense that intranet is safer but more limited than the Internet, private blockchains are unlikely to reach the operational capacity that public ones can.

On the other hand, utilising public blockchain can mean businesses are restricted in the transactions they can make, lest secure information be made public.

Overall, the benefits of blockchain technology are profound. Shared infrastructure, less red tape and the ability to control permissions - it's the kind of infrastructure that many organisations have been waiting decades for. However, it's important to support this new technology with the right safety protocols in place.

Want to find out more about secure information and the future of Australian businesses? Read our latest cyber security eBook.

Pages