In February 2016, a group of hackers from Russia took control of a Victorian high school’s phone system to unleash a flurry of bomb threats across schools in New South Wales, Queensland, and Victoria, causing major disruptions, but ultimately, no injury. But Australian government and business officials are worried about what could happen from a cyber security attack with more sinister goals.
This attack from the “Evacuation Squad” has demonstrated vulnerabilities in Australian cyber security, and businesses and government organisations are now working to catch up with International cyber security standards. That’s why Fortinet is partnering with businesses, organisations, and industries for a Cyber Secure Australia.
Hackers have already shown what can happen when they take control of a major telecommunications network. An Internet security breach took a Ukrainian power station offline earlier this year, and in 2014, hackers took over a German steel mill, causing massive damage across the plant.
But the damage from a cyber attack doesn’t have to be physical. Cyber attacks can pose risks to the data and information that organisations store in their systems, especially sensitive financial and customer sales data. These threats are increasingly well organised and cyber criminals are developing even more sophisticated techniques to evade detection, according to a recent Fortinet report on threat trends.
The Australian federal government has a wide set of mandates for data security and privacy, which vary for different industries. Businesses and organisations across the spectrum of the Australian economy have obligations to meet federal government mandates for security, privacy, and data protection. Understanding these mandates, and having the technology to implement them, can be a challenge for businesses, regardless of their size or technological ability.
The Australian government is working to strengthen its cyber security requirements through the Telecommunications Sector Security Reforms Act, which is currently under review by the Attorney-General and the Minister for Communications and the Arts.
Australian laws that govern security include the Australian Privacy Principles, the Cybercrime Act, the Spam Act, and the Telecommunications Interception and Access Act. Banking and finance concerns are regulated by the Australian Prudential Regulatory Authority while organisations that take credit card payments must meet the regulations of the Payment Card Industry - Data Security Standard (PCI-DSS). Healthcare providers, telecommunications companies, and utilities also have federal rules that govern how they handle and secure data.
With tighter restrictions likely for Australian businesses and organisations, implementing industry-leading security protocols will help ensure compliance as the standards are updated and expanded. Driving double-digit growth worldwide are Fortinet’s enhanced, multi-faceted security solutions and support, including datacentre Internal Network Firewall solutions and an Advanced Threat Protection framework.
Providing protection from advanced cyber security threats requires a host of coordinated services, all working together to ensure that threats are discovered and eliminated quickly. Critical components in an Advanced Threat Protection framework include network firewall, network intrusion prevention, gateway antivirus, and web application firewall.
Fortinet offers Security without compromise with advanced network protection that reduces threat response time to minutes through a network that automates and integrates prevention, detection, and mitigation. Fortinet’s end-to-end security platform approach provides comprehensive coverage and simplifies management of the entire security system.
Fortinet will be at the Australian Cyber Security Centre conference in Canberra from April 12-14, 2016 to help Australian organisations understand the critical need for enhanced cyber security. Our experts will be on site to address the full range of Australian cyber security issues, including threat modelling, secure coding, penetration testing, database security, cyber security incident response, malware analysis, vulnerability discovery, mobile device security, and sector specific information security challenges. Find us at Booth 11 in the National Convention Centre.