Cybersecurity firm reveals breach in third-party cloud system

Cybersecurity firm reveals breach in third-party cloud system

Cybersecurity firm reveals breach in third-party cloud system | Insurance Business Australia

Cyber

Cybersecurity firm reveals breach in third-party cloud system

Cyber insurers and brokers have another example to send to their clients

Cyber

By
Roxanne Libatique

Cybersecurity firm Fortinet has disclosed a recent security breach involving unauthorised access to a small number of files stored in a third-party cloud-based file-sharing system – yet another incident that insurance companies and brokers may wish to highlight with their clients to emphasise the financial security offered by cyber insurance.

The cyber incident affected less than 0.3% of Fortinet’s customer data, with no evidence of malicious activity or disruption to the company’s operations or services, according to Fortinet’s statement.

The company said that the breach did not involve ransomware, data encryption, or access to its corporate network.

Additionally, the company engaged a third-party forensics firm to verify its findings and implemented enhanced security measures, such as improved account monitoring and threat detection protocols.

It said that it does not expect the breach to have a material impact on its financial results.

Australia faces surge in cyberattacks

The announcement comes as Australia experiences a surge in cyberattacks.

The firm also highlighted that around 140 million accounts have been breached in Australia since 2004, placing it among the top 15 countries globally for data breaches. Australia was also identified as one of the leading sources of phishing attacks, according to Zscaler’s 2024 Phishing Report.

Jamie Callaghan, chief security officer at SMX, emphasised the importance of DMARC enforcement, noting that while companies often focus on protecting their internal systems, DMARC also helps secure external communications by ensuring emails from the organisation are trusted.

See also  FTC non-compete agreement ban goes ‘too far’

SMX’s report found that 92% of Australian federal agencies had implemented DMARC, with 79% of those enforcing it – representing an improvement from previous years.

The report also noted an increase in private sector adoption of DMARC, with 60% of ASX-listed companies deploying it, up from 45% in 2022. However, enforcement levels in the private sector remain lower, with 47% of organisations enforcing the protocol.

The findings underscore growing concerns about the rising threat of email-based attacks across the region. Experts, including Callaghan, encourage both small and large businesses to prioritise DMARC adoption and enforcement.

Callaghan stressed the need for companies to work closely with IT professionals to make DMARC a standard practice in their security protocols.

Cybersecurity challenges in Asia Pacific

The cybersecurity challenges facing Australian and New Zealand businesses are part of broader trends across the Asia-Pacific region.

The survey also pointed to the increasing use of artificial intelligence (AI) in managing cybersecurity threats, with 77% of respondents citing AI’s role in threat detection and response. However, communication between security teams and non-technical leadership remains a challenge, with nearly 60% of respondents indicating difficulties in conveying security information to executives.

Cybersecurity budgets in Asia Pacific

In response to the evolving threat landscape, the report noted that cybersecurity budgets have increased across the region, with 84% of companies reporting higher investments in cybersecurity – exceeding the global average of 76%.

Despite these increased budgets, many companies still struggle to quantify the effectiveness of their security programs in operational terms, often focusing on breaches rather than metrics such as response times or threat detection rates.

See also  Aspen appoints Sarah Stanford as interim CEO, Aspen UK

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!