Business and cyber security: Preparing strategies to potential threats
We recommend every business consider developing strategies to counter potential threats. For example, in establishing a cyber presence, many businesses buy software packages or contract external IT firms to build their websites. Businesses should discuss and evaluate computer security. This consideration should also extend to software protection and encryption as opposed to just relying on firewall and antivirus products to be sufficient protection.
The US Department of Homeland Security (DHS), with its dedicated Cyber Security section US-CERT (US Computer Emergency Readiness Team) has produced a detailed list of software vulnerabilities which is specifically targeted at assisting businesses to establish and maintain secure websites.
Australia’s version, CERT-Australia, may also provide some guidance for businesses in considering computer protection strategies, as it has support and information that most business ICT professionals will not have access to.
One key aspect of the material published by the DHS is the top 25 list of programming errors (which some in the US media have argued have been exploited in many of the recent attacksthat key US sites have been experiencing). It is DHS’s hope that the reports and material available will “prompt organizations to address the real and growing threat software security poses to their operations”. We recommend you review the DHS material.
Additionally, the Australian Strategic Policy Institute has recently produced a thought provoking report “Your system might be at risk- Australia’s cyber security” (Dr Andrew Davies, 31 May 2011). We recommend you also review this report as it may assist you in preparing strategies to potential cyber threats.
In summary: business must be proactive
Business owners should be proactive in reviewing how best to protect hard earned intellectual property and confidential data. There is no replacement for strong cyber security capabilities within an organisation, and the onus is on you to make sure your systems are secure and resilient.
Mason Sier Turnbull lawyers can help you develop a Cyber Protection Plan tailored to your business assets – please contact our Corporate Advisory team for advice.
Authors: Marianne Dunham & Susan Reece Jones