The week in security: Security staff struggling harder to keep up here than overseas

The Australian Cyber Security Centre (ACSC) issued a formal warning as it sought to raise awareness and protection around the surging Emotet malware, which was fingered in the recent malware attacks on Victorian hospitals and nearly two dozen other Australian victims.

Indeed, Victorian government agencies were breached 83 times last year, according to an audit by state privacy authorities that found the volumes of breach reports increased 28 percent over the last financial year.

Infected Internet of Things (IoT) devices aren’t helping the situation, with thousands of QNAP NAS units infectedby the QSnatch credential-stealing malware and a somewhat painful solution.

Also painful is the entire practice of cybersecurity, according to new figures that suggest Australian security practitioners are struggling to keep up with an escalating barrage of security alerts and identity-management issues.

Complexity is the enemy of straightforward security, after all. Security administrators in educational institutions know this pain particularly well, given the broad range of threats and unpredictable users that keep them on their toes. These may make them particularly amenable to four steps for improving their incident response.

Artificial intelligence has quite commonly been held to be a big help here, but that doesn’t mean your human staff will become any less important.

Humans are, after all, top of the food chain when it comes to both attacking and defending their assets – which is why it takes a village to build and execute a successful cyber resilience plan.

Even as it agreed to pay the UK’s £500,000 ($A940,000) fine for voter profiling, Facebook was pushing for a ban on spyware company NSO Group after an attack on WhatsApp last year.

Researchers suggested that Russian hackers ‘Fancy Bear’ hit more than 16 national anti-doping agencies, putatively in response to a potential ban on Russia participating in all sporting events.