Detect, respond, recover.
Cyber criminals are adept at exploiting weaknesses within an organisation's ICT network, as the 2022 breaches of Optus and Medibank demonstrated. As the complexity of networks grows, so too do the avenues available to cyber criminals to compromise their targets. The average data record stolen by cyber criminals is believed to be worth anywhere between $15 and $100+; therefore, it is easy to understand the financial motivation that drives these criminals.
An organisational shift in mindset from 'if we are breached' to 'when we are breached' means an organisation can prepare and ensure it knows how to respond when the inevitable occurs.
Ravinn was recently engaged by a Not for Profit (NFP) organisation to help answer the question of 'when', and to develop a structure of Incident Response and Business Continuity options for when the inevitable occurs.
NFP organisations play a unique role in supporting the betterment of our everyday life in a range of ways, from medical research and social work to housing and rehabilitation; many of the community programs we have come to rely on are provided in some shape or form through the efforts of NFPs. Many organisations within the sector handle, process, and store personal and medically sensitive information about their clients. Information of a personal nature, often referred to as Personally Identifiable Information (PII), is a highly valuable and attractive target for cyber criminals.
Australian Privacy Principles
Under the Australian Privacy Act of 1988, organisations that provide a health service or hold health information are considered to be a health service provider. Organisations in this category are required to provide additional protections due to the nature of sensitive data they collect and hold.
The Australian Privacy Principles (APPs) state: "An APP entity must take reasonable steps to protect personal information it holds from misuse, interference and loss, as well as unauthorised access, modification or disclosure."
Reasonable steps should include, where relevant, taking steps to implement strategies in relation to the following:
- Governance, culture and training
- Internal practices, procedures, and systems
- ICT Security
- Access Security
- Third party providers (including cloud computing)
- Data breaches
- Physical Security
- Destruction and de-identification
Building resiliency in Not-for-Profit Organisations
Along their cyber maturity journey, the NFP in question had already identified a gap in their ability to detect, respond and recover from an information security incident. The organisation understood that the ‘most likely, most dangerous’ scenario for them was a data theft or ransomware attack, due to the sensitive data they held.
Working with the client, Ravinn was able to customise an Incident Response framework that would be both functional and adaptable to the client’s business processes and capabilities, ensuring that they are well prepared to respond and recover in the most expedient manner available.
Work with Ravinn
At Ravinn, we know firsthand that every journey is different. Whether cyber security is new to your organisation or you are already very cyber-mature, Ravinn can help uplift your cyber resilience for when the inevitable happens.