DELOITTE HACK: CYBERSECURITY INDUSTRY NEEDS TO STEP UP, EXPERT SAYS

DELOITTE HACK: CYBERSECURITY INDUSTRY NEEDS TO STEP UP, EXPERT SAYS

IN the wake of revelations of a widespread hack on accounting firm Deloitte's internal systems, a cybersecurity expert says his industry needs to step up its own systems to provide further protection for at-risk businesses..

The hack, which compromised the confidential emails and documents of Deloitte's blue-chip clients, reportedly went unnoticed for months.

Reports of the scope of the cyber-attack raised serious concern as the  firm specialises in delivering high-end cybersecurity advice to some of the world's biggest banks and multinational corporations.

Deloitte has attempted to downplay the impact of the attack, claiming it impacted "very few" clients.

So far, six clients of the "big four" accounting firm have been told their information was impacted by the hack.

Following the attack on Deloitte this week, and the hack of Equifax's servers earlier in the month, Brandon Swafford, CTO of Data Protection and Insider Threat Security at Forcepoint, says the cybersecurity industry needs to quickly address several problems.

"The industry must quickly focus on the crossroads between people, process and technology to adequately address these unyielding security threats," says Swafford.

"News of Deloitte's breach, reportedly resulting from a lack of multi-factor authentication that led to access of sensitive data in the cloud, highlights that a focus on one security risk point is not adequate."

It is reported that hackers accessed usernames, passwords, IP addresses, architectural diagrams, and health information, via an administrator's account. The initial report from The Guardian says the administrator account required only a single password and did not have "two-step" identity verification.

Swafford says one solution is to increase focus on training around cybersecurity for all employees.

"Organisations must start with a focus on their people and how they use and access critical data and systems," says Swafford.

"The only way to stop these cyber threats is to first understand normal user behaviour and normal movement of data in and out of the company.

"Companies can complement this human-centric security approach with internal training, policies and processes to help employees and partners understand what's expected of them. A focus on any one of these only puts more risk in the other."

Never miss a news update, subscribe here. Follow us on Facebook, LinkedIn, Instagram and Twitter.

Business News Australia

Enjoyed this article?

Don't miss out on the knowledge and insights to be gained from our daily news and features.

Subscribe today to unlock unlimited access to in-depth business coverage, expert analysis, and exclusive content across all devices.

Support independent journalism and stay informed with stories that matter to you.

Subscribe now and get 50% off your first year!

SMEs urged to consider business insurance to mitigate financial risks
Partner Content
A single “bad luck” incident could cause financial disaster for many Australian sma...
Advertisement

Related Stories

‘It makes a lot of sense’: Glen Richards takes the long view with Arbor Permanent Owners investment

‘It makes a lot of sense’: Glen Richards takes the long view with Arbor Permanent Owners investment

After spending most of his career investing with a timely exit in m...

Property fund Centennial lifts portfolio weighting in Queensland with $13.1m Bulimba industrial deal

Property fund Centennial lifts portfolio weighting in Queensland with $13.1m Bulimba industrial deal

Sydney-based funds manager Centennial has lifted its already solid ...

Resimac steps up diversification push after snaring Westpac’s $1.6b auto loan portfolio

Resimac steps up diversification push after snaring Westpac’s $1.6b auto loan portfolio

Non-bank lender Resimac Group (ASX: RMC) has bought Westpac’s...

Dexus partners with Marquette Properties to revamp Brisbane office tower into $500m student dorm

Dexus partners with Marquette Properties to revamp Brisbane office tower into $500m student dorm

Listed property group Dexus (ASX: DXS) is partnering with Marquette...