top of page


This past week, the 5 Eyes Security Alliance accused of hacking YANDEX (Russia’a Google); MacbookPro – may ‘light up’ your office (but not in a good way); Large ‘Cloud’ provider hacked; a healthcare insurer discovers breach after almost a decade; internet scams cost Australians millions; file sharing abuse on rise and a new report indicates that UK businesses are slow to adopt cybersecurity defences.*

This Past Week’s Top Targeted Dark Web Exploits*: Top Source Hits: ID Theft Forums Top Compromise Type: Domain Top Industry: Medical & Healthcare Top Employee Count: 11 - 50 Employees

This Past Week’s Top Targeted Industries:*

Software Hits: 146 | Targets: Facebook, Google, Attunity, JetBrains, Microsoft

Information Technology Hits: 125 | Targets: Facebook, Sony Corp, Google, Twitter, Microsoft

Internet Hits: 80 | Targets: Facebook, CloudFlare, Twitter, Amazon, Yandex

Social network Hits: 65 | Targets: Facebook, Google, Twitter, WhatsApp Inc., LinkedIn

Software Hits: 56 | Targets: Attunity, JetBrains, Electronic Arts Inc, Yandex, Citrix

This Past Week’s Top Threat Actors:*

TA505 Hits: 27 | Targets: United States, Chile, Italy, India, Malawi

Hezbollah Hits: 19 | Targets: Israel, Syria, Lebanon, Iran, United States

MuddyWater Hits: 13 | Targets: Pakistan, Android, Turkey, Tajikistan, Government of Saudi Arabia

APT33 Hits: 12 | Targets: Saudi Arabia, United States, Critical infrastructure systems, WinRAR, Saudi Aramco

Lizard Squad Hits: 11 | Targets: Xbox Live, Sony Corp, PlayStation Network, Malaysia Airlines Flight 370, Facebook

This Past Week’s Top Malware Exploits:*

Sodinokibi Hits: 59 | Targets: Oracle WebLogic Server, Encryption, InfoSec, Oracle Corp, Microsoft Windows

Ryuk Ransomware Hits: 33 | Targets: Bitcoin, United States, Dataresolution, Check Point Software Technologies Ltd, Tronc, Inc.

Stuxnet Hits: 33 | Targets: Iran, North Korea, Industrial Control Systems, SCADA and ICS Products and Technologies, United States

AndroMut Hits: 25

Fengcai Hits: 22 | Targets: Islamic State in Iraq and the Levant



While we were raging about Putin's meddling and Kremlin hackers, Five Eyes were “all over” Yandex, Russia's Google*

Hackers from the Five Eyes intelligence agencies* have been accused of breaking into systems at Yandex, dubbed Russia's Google. A report by Reuters cites four sources claiming Western spies are believed to be behind a malware infection spotted spreading among developer machines at the Russian search, webmail, and ecommerce giant Yandex over several weeks in October and November last year. The Windows malware, dubbed Regin, was developed and wielded by Britain's GCHQ and America's NSA to spy on VIPs around the planet, according to top-secret files leaked by Edward Snowden. The modular and adaptable software nasty is primarily designed to be used for extended surveillance operations. In the case of Moscow-based Yandex, the malware was apparently used to follow a specific group of programmers within the organization's research and development division. It is thought the West's hackers wanted to figure out a way to covertly break into specific user accounts and harvest private messages and other sensitive data. "Cyber attacks are a common occurrence throughout the world. This particular attack was "It was fully neutralized before any damage to Yandex customers' data was done. At this point in time we are not disclosing any further details about the attack. The Yandex security team’s response ensured that no user data was compromised by the attack. "Ensuring the security of user data is of critical importance to us. Following the attempted attack, we took the necessary measures to ensure that we would not be susceptible to such an attack in the future. We continue to employ all relevant cyber defense tools and also cooperate with leading third-party experts and providers to protect our users' privacy detected at an early stage by the Yandex security team," a Yandex spokesperson said. Russian infosec giant Kaspersky, which published an investigation into Regin back in 2014, was called in by Yandex to help clean up the infection and help attribute the attack to Five Eyes intel agencies. When contacted, Kaspersky declined to comment. It's tempting to chalk this up to "spies do spying." It is no secret that the NSA and other Five Eyes member agencies have sought to infiltrate critical government and private sector organizations in Russia and other nations to extract intelligence. However, at a time when the US government has been publicly criticizing other countries for hacking American public and private sector networks as part of their own spycraft, it comes off as more than a little hypocritical that Uncle Sam's own white/grey/black hats were hard at work infiltrating one of Russia's largest online businesses.

*The "Five Eyes" (FVEY) refers to an alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States. These countries are bound by the multilateral UKUSA Agreement for joint cooperation in signals intelligence, military intelligence, and human intelligence.

MacBook Pro: Apple issues voluntary recall for godforsaken laptops, again*

Apple has urged its fans to stop using certain MacBook Pro models, and has issued a voluntary recall of the notebooks, after they were found to be prone to battery blazes. The “Loop” said today that the battery packs in 15-inch MacBook Pro models made between September 2015 and February 2017 have a nasty tendency to get a bit too warm under the hood, potentially bursting into flames. "Apple has determined that, in a limited number of older generation 15-inch MacBook Pro units, the battery may overheat and pose a fire safety risk," the maker said. "Affected units were sold primarily between September 2015 and February 2017 and product eligibility is determined by the product serial number." Long-suffering loyalists can check if their ‘WhackBook Pros’ are covered by entering their serial number into Apple's support page. Those who fall under the recall will then be given more information on how they can get the fire-hazard battery swapped out for one that will hopefully be less likely to suddenly burst into flames. "The recall does not affect any other 15-inch MacBook Pro units or other Mac notebooks," Cook and Co. said. "Because customer safety is a top priority, Apple is asking customers to stop using affected 15-inch MacBook Pro units." Apple did not say if there have been any reports of fires or injuries as a result of the notebooks overheating. For those keeping track, this will be the second time this generation of the MacBook Pro has been subject to a recall. Last June, following months of complaints from customers and threats of litigation over the quality and reliability of the butterfly keyboard system in the MacBook Pro, Apple finally caved and agreed to issue a voluntary recall to replace the keyboards on notebooks made during the same 2015-2017 time period.

Breach at Cloud Solution Provider PCM Inc*.

A digital intrusion at PCM Inc., a major U.S.-based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company’s clients, KrebsOnSecurity has learned. Californian based PCM is a provider of technology products, services and solutions to businesses as well as state and federal governments. PCM has nearly 4,000 employees, more than 2,000 customers, and generated approximately $2.2 billion in revenue in 2018. Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based file and email sharing service run by Microsoft Corp.

One security expert at a PCM customer who was recently notified about the incident said the intruders appeared primarily interested in stealing information that could be used to conduct gift card fraud at various retailers and financial institutions. In that respect, the motivations of the attackers seem similar to the goals of intruders who breached Indian IT outsourcing giant Wipro Ltd. earlier this year. In April, KrebsOnSecurity broke the news that the Wipro intruders appeared to be after anything they could quickly turn into cash, and used their access to harvest gift card information from a number of the company’s customers. It’s unclear whether PCM was a follow-on victim from the Wipro breach, or if it was attacked separately. As noted in that April story, PCM was one of the companies targeted by the same hacking group that compromised Wipro. The intruders who hacked into Wipro set up a number of domains that appeared visually similar to that of Wipro customers, and many of those customers responded to the April Wipro breach story with additional information about those attacks. PCM never did respond to requests for comment on that story. But in a statement shared with KrebsOnSecurity today, PCM said the company “recently experienced a cyber incident that impacted certain of its systems.” “From its investigation, impact to its systems was limited and the matter has been remediated,” the statement reads. “The incident did not impact all of PCM customers; in fact, investigation has revealed minimal-to-no impact to PCM customers. To the extent any PCM customers were potentially impacted by the incident, those PCM customers have been made aware of the incident and PCM worked with them to address any concerns they had.” On June 24, PCM announced it was in the process of being acquired by global IT provider Insight Enterprises. Insight has not yet responded to requests for comment. Earlier this week, cyber intelligence firm RiskIQ published a lengthy analysis of the hacking group that targeted Wipro, among many other companies. RiskIQ says this group has been active since at least 2016, and posits that the hackers may be targeting gift card providers because they provide access to liquid assets outside of the traditional western financial system. The breach at PCM is just the latest example of how cybercriminals increasingly are targeting employees who work at cloud data providers and technology consultancies that manage vast IT resources for many clients. On Wednesday, Reuters published a lengthy story on “Cloud Hopper,” the nickname given to a network of Chinese cyber spies that hacked into eight of the world’s biggest IT suppliers between 2014 and 2017.

Dramatic Increase of ‘file sharing’ abuse*:

Security researchers are warning of a “dramatic” increase in the exploitation of legitimate file sharing services to deliver malware in email-based attacks, especially OneDrive. FireEye claimed in its latest Email Threat Report for Q1 2019 that services including WeTransfer, Dropbox, Google Drive and OneDrive are increasingly being used to host malicious and phishing files. However, while Dropbox was most commonly used of all the services, OneDrive is catching up fast. From hardly being used in any attacks in Q4 2018, it shot up by over 60% in the intervening months. Hackers are using such services as they bypass the initial domain reputation checks made by security tools. Detection filters are also challenged by the use of “nested emails.” With this tactic, a first email contains a second email as attachment, which in turn contains the malicious content or URL.FireEye also warned of a 17% increase in total phishing emails spotted over the previous quarter, with the most-spoofed brands including Microsoft, followed by OneDrive, Apple, PayPal and Amazon. Hackers are increasingly using HTTPS in phishing attacks featuring URLs in a bid to trick users into clicking. FireEye observed a 26% quarter-on-quarter increase in the tactic, which exploits the consumer perception that HTTPS is inherently secure. In fact, the FBI was recently forced to issue an alert warning that HTTPS and padlock icons in the address bar are not enough to prove the authenticity of sites. It said that users should resist clicking on links in unsolicited emails, it added. Finally, FireEye warned that cyber-criminals are expanding their repertoire when it comes to BEC attacks. In one version they target the payroll department with requests to change the bank details of senior executives with the hope of diverting their salary. In another, they focus on accounts payable but pretend to be trusted suppliers who are owed money, instead of the CEO/CFO.

Hacked medical debt collector files for bankruptcy protection from debt collectors*

The healthcare debt collector ransacked by hackers, who gained access to millions of patients' personal information, has filed for bankruptcy protection. Retrieval Masters Creditors Bureau, aka American Medical Collection Agency (AMCA), told the Southern New York US District Court this week that it was seeking chapter 11 bankruptcy protection. That means it's asked a judge to shield it for up to 18 months from creditors' lawsuits, in which money owed is demanded, while it gets its finances in order. The biz lists its address as being in Elmsford, New York, a town about 27 miles from NYC. The filing comes after it emerged AMCA's patient databases, which stored personal and banking details of millions of folks, were infiltrated by Cyber Criminals. The agency had been recruited by medical testing companies to collect payments from their customers, which is why it was storing their personal records on its subsequently hacked systems.

Those testing labs included Quest Diagnostics (12 million records exposed), LabCorp (8 million), BioReference Laboratories (423,000), Carecentrix (500,000), and Sunrise Laboratories, adding up to more than 20 million records, including several hundred thousand payment card details, at miscreants' fingertips. The network intrusion went undetected for some eight months. In the fallout of the hack, Quest and Labcorp bore the brunt of public scrutiny and scorn from US Congress, however, as we now see, AMCA has also taken a hit from the cyber-heist, one significant enough to put its future in doubt. Far from a filing of insolvency, chapter 11 bankruptcy allows a company to shore up its finances without the threat of creditors and aggressive collection agencies such as, ironically enough, AMCA, extracting any money owed. According to the chapter 11 filing, AMCA says it has somewhere between one and ten million dollars in liabilities, and the same range of money in assets. AMCA noted that it plans to pay off its creditors, estimated to number anywhere from 100 to 199 different people and companies. The list of those creditors is fairly mundane and seems to mostly be bills for day-to-day activities. For example, AMCA says it owes IBM $15,299.64 for IT services, and Cablevision is owed $7,679.02, presumably for internet service. The filing makes no mention of Quest Diagnostics, LabCorp, or any of the other customers whose patient data was illegally accessed.


THREAT FOCUS: Ministry Of Civil Service – TAIWAN*

Exploit: Employee breach Ministry of Civil Service: Government agency responsible for overseeing pay, entitlements, performance, evaluation, insurance, retirement, and pension program

Risk to Small Business: 1.555 = Severe: Hackers gained access to the government agency’s network, where they retrieved vast amounts of personal information stored with the agency. Another government agency notified the Ministry of Civil Service about the breach on June 22, noting that the stolen data was already published on various foreign websites. The agency took the proper actions in response to the breach, but the information for hundreds of thousands of workers was already published online, which means that the damage is already done. Now, the Ministry of Civil Service is responsible for helping their employees recover from this devastating event.

Individual Risk: 2 = Severe: The agency has already notified those impacted by the breach, which included the theft of their names, ID numbers, national identification card numbers, agency information, job designation, and other professional material. This data will quickly make its way to the Dark Web, so these employees should take every precaution to ensure that their information is safe.

Customers Impacted: 243,376

Effect On Customers: Timely and effective responses to a data breach are critical to help people recover, but these actions don’t undo the damage on those impacted. Therefore, every organization needs a plan to support their customers in the event of an attack, which can include helping them understand what happens to their information after it’s stolen.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach

THREAT FOCUS: Dominion National Health – USA*

Exploit: Unauthorized network access Dominion National: Health insurer providing dental and vision benefits Risk to Small Business: 1.333 = Extreme Risk: An internal notification alerted company officials of a data breach that occurred in 2010. When hackers breached the insurance provider’s network, they gained access to the sensitive information of beneficiaries. In response, the company cleaned its servers to eradicate any unauthorized users from the platform. While it’s common for data breaches to go undetected, ten years is certainly a long time to recognize a vulnerability. As a result, Dominion National will face increased media scrutiny over its cybersecurity capabilities, along with the high cost of updating their security standards and helping their customers recover from the incident.

Individual Risk: 1.857 = Severe Risk: Although the company hasn’t released specifics on the scope of the incident, the unusual exposure length makes it possible for the damage to be extensive. Those impacted may have had their names, addresses, dates of birth, email addresses, social security numbers, taxpayer IDs, bank details, and other insurance-related details compromised. Dominion National has offered identity monitoring and recovery services to those impacted by the breach.

Customers Impacted: Unknown

Effect On Customers: A data breach is an embarrassing and costly episode for any company, especially when it takes nearly a decade to discover the incident. The first step to recovery is supporting those impacted by the breach, which certainly includes helping them verify the integrity of their information. By addressing their customers first, organizations begin rebuilding their tarnished reputation at a time when they will already incur ancillary expenses that stem from a cybersecurity incident.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

THREAT FOCUS: Summa Health – USA*

Exploit: Phishing scam Summa Health: Non-profit healthcare system serving Northeast Ohio

Risk to Small Business: 1.666 = Severe Risk: When employees opened a phishing email and entered credentials into a false form, hackers gained access to protected health information. The healthcare provider disclosed two breaches, one occurring in August 2018 and another in March 2019. It’s unclear why the company didn’t become aware of the breach until May 1st, or why it took almost a month to notify victims of the breach. Their slow response could make it more difficult for victims to identify instances of identity or financial fraud, and also shines a spotlight on the healthcare provider’s data security standards.

Individual Risk: 1.857 = Severe Risk: Hackers accessed significant amounts of personally identifiable information in the breach, including names, dates of birth, medical records, patient account numbers, treatment information, health insurance information, social security numbers, and driver’s license numbers. Those impacted by the breach are encouraged to enrol in credit and identity monitoring services. In addition, they should carefully and continually review their account information, reporting any unusual activity and unauthorized changes as soon as possible.

Customers Impacted: 500

Effect On Customers: Phishing scams are entirely preventable, and any organization handling personally identifiable information needs to ensure that their employees are equipped to identify and report these increasingly prevalent threats. Exposed personal details usually find their way to the Dark Web, where bad actors can leverage them for a variety of nefarious purposes. It’s critical that companies are prepared with cybersecurity awareness and identity protection.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach

THREAT FOCUS: PCM Cloud Solutions - USA*

Exploit: Unauthorized email and network access PCM: Direct marketing company offering technology products and services

Risk to Small Business: 1.888 = Severe Risk: Using stolen administrative credentials for PCM’s Office 365 client accounts, hackers gained access to client data. It’s speculated that hackers intended to use this information to conduct gift card fraud. Upon discovering the breach, PCM closed off access to these accounts, limiting the reach of the intrusion. Despite the relatively minor scope of the data breach, recovering from a cybersecurity incident is no small matter. The company will now need to bear the cost of auditing their IT infrastructure as they work to repair the reputational damage that accompanies such an event.

Individual Risk: 2 = Severe Risk: It’s believed that hackers were pursuing information usable to perpetrate gift card scams, which could include stealing personal information. The company has notified those impacted by the breach, and these individuals should be especially vigilant about monitoring their accounts for unusual activity.

Customers Impacted: Unknown

Effect On Customers: In many ways, PCM got lucky. Although hackers were mostly unsuccessful at obtaining client data, they were able to access systems with a trove of valuable information. Additionally, they were able to accomplish this by simply obtaining administrator credentials, which can be widely available on the Dark Web or through phishing scams. Knowing if this information is available is a critical and often overlooked component of any company’s security posture.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach

THREAT FOCUS: Marin Community Clinics – USA*

Exploit: Ransomware Marin Community Clinics: Multi-clinic network providing primary and specialty care services

Risk to Small Business: 1.777 = Severe: A ransomware virus encrypted the healthcare provider’s computer systems, significantly curtailing their operations. Based on the advice of their software provider, the company paid the ransom to recover their files. The organization is continuing to restore files from backups, and they expect to lose some patient data in the process. In the meantime, Marin Community Clinics are using paper records to continue providing care until the network can be restored.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: In today’s digital environment, every organization must have a ransomware preparedness plan that considers the current and future state of the company’s IT infrastructure. In the case of Marin County Clinics, an associated healthcare provider was also victimized by ransomware, and they also paid to recover their files. Considering the ongoing debate among cybersecurity experts about the efficacy of paying a ransomware, it could make the company more vulnerable to additional attacks. Of course, the first step to any ransomware preparedness plan is a strong defensive position. Since malware is often delivered through phishing emails, robust employee training can position any organization or agency to repel at attack.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

THREAT FOCUS: City Of Sun Prairie – USA*

Exploit: Employee email account breach City of Sun Prairie: Local government municipality serving Sun Prairie, Wisconsin

Risk to Small Business: 2 = Severe: When hackers gained access to employee accounts for nearly three months, they were able to view personal information about the city’s residents. Even though the city hired a third-party forensics firm to investigate the matter, they were unable to determine what information was captured in the breach. The lengthy communications delay and uncertainty surrounding the data accessed reveals that the government agency was fundamentally unprepared for a cyber attack. Although the city is now taking steps to update their cybersecurity protocols in the wake of this data breach, a clear opportunity was missed to secure their network before it was infiltrated by bad actors.

Individual Risk: 1.857 = Severe: The compromised email accounts contained personally identifiable information for residents of Sun Prairie, including social security numbers, account login ID and passwords, driver's license and state identification numbers, bank account numbers, medical information, and payment card information. City officials are unable to identify specific accounts that were accessed, which means that anyone doing business with Sun Prairie should obtain credit and identity monitoring services to ensure that their personal information is safe.

Customers Impacted: Unknown

Effect On Customers: Hackers have many ways to access employee email accounts, but organizations can take steps to prevent some of these methods from being successful. For instance, proper training about phishing attacks can stop many bad actors in their tracks. At the same time, knowing if your employees’ email accounts are compromised can help sidestep breaches from happening in the first place.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

THREAT FOCUS: Franciscan Health – USA*

Exploit: Unauthorized network access Franciscan Health: Healthcare system offering services in Indiana and Illinois

Risk to Small Business: 1.777 = Severe: A rogue employee accessed extensive medical records pertaining to physicians, diagnosis, lab results, medications, and other treatment-related information. Although the employee worked in the company’s quality research department, he had no business-related reason for accessing this private health data. Fortunately, the company quickly identified the privacy breach and took action against the employee. However, they will now have to contend with the cost of providing identity theft protection services to those impacted by the breach, along with the less quantifiable reputational losses that accompany a data breach.

Individual Risk: 1.8571 = Severe: Currently, there is no indication that the rogue employee downloaded or shared any personally identifiable information. However, the employee did have access to sensitive data, including patients’ names, email addresses, dates of birth, phone numbers, gender, race, partial social security numbers, and medical record numbers. Those impacted by the breach should review and monitor their financial accounts and their benefits statements for suspicious activity.

Customers Impacted: 2,200

Effect On Customers: A company’s workforce can be one of the most significant sources of cybersecurity risk, but any organization has the ability to transform their staff into the strong defence against a data breach. With the right awareness training, employees can learn to spot cybersecurity threats proactively by learning industry-wide best practices. As the costs associated with data breaches continue to grow incredibly steep, such training is becoming a relative bargain.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

THREAT FOCUS: Borough Of Westwood – USA*

Exploit: Malware attack Borough of Westwood: Local government organization serving Bergen County, New Jersey

Risk to Small Business: 2.222 = Severe: Unusual network activity in December 2018 alerted county officials that hackers gained access to the county’s network. These bad actors introduced malware into their system, which placed the personal data of residents at risk. Although the county is confident that information on the network hasn’t been viewed, accessed, or downloaded by hackers, they obtained third-party cybersecurity services to assess the damage and remove the malware from their system. However, it’s unclear why county officials waited six months to notify the public of the incident.

Individual Risk: 2.142 = Severe: Authorities are confident that personal information has not been viewed in this attack. However, the network did store personally identifiable information, including names, social security numbers, driver’s license numbers, and bank account details. The county is in the process of notifying people who could be impacted by the breach, but anyone who provided data to the county’s website should be vigilant about monitoring and reviewing their account statements for suspicious activity.

Customers Impacted: Unknown

Effect On Customers: As news headlines continually demonstrate, local governments are becoming a top target for hackers and cybercriminals. Therefore, it’s critical that these institutions make every effort to secure their IT infrastructure before a cybersecurity incident occurs. In this case, a six-month delay in reporting the data breach would make it difficult for victims to identify data misuse, meaning that the lack of damages resembles more of a stroke of luck than an intentional strategy. Instead of relying on good will, organizations must establish a strong defensive posture that prevents a data breach from occurring in the first place.

Risk Levels: 1 - 1.5 = Extreme Risk 1.51 - 2.49 = Severe Risk 2.5 - 3 = Moderate Risk *The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach



Awareness Tops Readiness in UK Cybersecurity Preparedness *

UK organizations are well-aware of their cybersecurity threat landscape. Unfortunately, that has not enhanced their ability to improve their defensive posture. According to a recent survey, only 42% of organizations are confident in their data security, 10% fewer than companies in other countries. While 90% of survey respondents indicated that adopting cybersecurity best practices is more important than increasing profits, less than 60% of these companies have a formal security policy, a number that has not changed since last year. Indifference may not be the only factor in their lack of preparation. Many companies cite budgetary and personnel constraints as a significant barrier to improving cybersecurity posture. Even so, the cost of a data breach is more expensive than ever before. The survey found that organizations will dedicate 12% of their revenue to recovering from a data breach, an all-time high. With companies like ours equipped to fortify your cybersecurity defences, now is the perfect time to prepare your company for today’s evolving threat landscape.

Disclaimer*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach information to us in real time. Given their international focus and experience in the cyberspace arena we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the contents accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

bottom of page