Story image

Hush-hush attitudes toward cyber attacks 'devastating' Kiwi businesses

19 Apr 16

Hush-hush attitudes of professional services firms and their IT providers are contributing to a tidal wave of cyber attacks that are continuing to devastate New Zealand businesses, according to IT firm Resolve.

Simon Falconer, Resolve managing director, says industry groups being hit with spam need to work together, alongside their IT providers or staff, to combat the growing spam problem targeting SMEs in specific industries.

“We’re seeing a substantial increase of spam targeting our customers and we’re finding that when a breach occurs it’s usually a malicious attack the industry has already seen and dealt with,” Falconer explains.

“The same mistakes keep happening because we aren’t talking to each other about it and what lessons should be learned,” he says.

Falconer is calling for more collaboration and information sharing on security threats and breaches between professional services firms via a private forum, but recognises some may not be willing to participate in a forum like this for fear that their reputation is at risk.

“No one talks – because when a security breach occurs the relevant business or the IT provider is embarrassed to suggest their clients’ data was at risk, and their reputation could be on the line,” he says.

“But if we were having these discussions in a respected and confidential environment we might be able to start combating the problem and provide better outcomes to our customers,” Falconer says.

The New Zealand Internet Task Force (NZITF), with members from some of New Zealand’s largest businesses and IT providers already exists, and has a focus on “improving the operational robustness, integrity, and security of the internet in New Zealand” where their regular forum allows for “collaboration on matters relating to the cyber security of New Zealand.”

Falconer says that it’s important to have a task force at a higher level established and commends the work the NZITF are doing, but believes there is still a need for more ‘on the ground’ level of action in this space.

“We want to see industry bodies like the Law Society or the Institute of Chartered Accountants leading the way and provide a forum where breaches can be openly discussed and strategies developed within their own industry,” he explains.

“The attacks are industry targeted and groups like the Law Society already have established structures to facilitate and organise a forum like this.

“There’s also perhaps a role here for the NZITF to work more closely with industry bodies either through training, or better information sharing, and that way we can bring the two together and reach a wider audience,” says Falconer.

In March, Falconer says a staggering 82% of email coming through Resolve’s mail server was recognised as spam and either discarded or held in ‘quarantine’.

Falconer says it has never been this high and new variants of malware invading computers and severs via spam email are emerging every day.

“The arms race between malware authors and security software developers is fraught with new and undetectable strains of malware making an appearance every day, and staying on top of it is a challenge,” he says.

IP theft: A global issue catching NZ businesses off guard
“We have this incredible record of innovation in New Zealand. But our innovative businesses haven’t always been meticulous in shoring up their IP."
Why A/NZ organisations need to improve compliance protocols
Only a mere 4% of IT decision makers and data managers surveyed said their organisation faced no data management challenges. 
What the people say - Gartner’s November Customers’ Choices
A roundup of the latest Gartner Peer Insight Customers’ Choices from Backup and Recovery to Business Intelligence and Analytics, and more.
BlackBerry buys out cybersecurity AI firm Cylance
“We are eager to leverage BlackBerry’s mobility and security strengths to adapt our advanced AI technology to deliver a single platform.”
Data protection is key to building customer trust
"New data compliance rules offer an opportunity for businesses to re-evaluate their processes and improve data management and customer loyalty."
NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."