Cyber attacks: we are all vulnerable

By Jonathan Jackson. Published at Mar 25, 2019, in Technology

Rapid7, Inc. (Nasdaq: RPD) recently released its latest Industry Cyber-Exposure Report , an aggregated research paper examining the overall cyber-exposure and resiliency of ASX 200 organisations.

The report uncovered what we all know to be true: that ASX 200 organisations have trouble sufficiently deploying cybersecurity basics. It found, on average, ASX 200 organisations expose a public attack surface of 29 servers or devices, with many companies exposing 200 or more. The report also revealed that 67 percent of ASX 200 organisations have weak or non-existent anti-phishing email defences.

“This report demonstrates that even the most talented, best-resourced IT departments in Australia and New Zealand still face daily challenges in keeping their internet-facing assets up-to-date with supported versions of business-critical software and keeping up-to-date with the latest patches,” said Tod Beardsley, research director at Rapid7.

Rapid7 measured the internet-facing security profiles of the ASX 200 during Q4 2018 by examining: the number of exposed servers and devices; the presence of dangerous or insecure services; phishing defence posture; weak public service and metadata configurations; and joint third-party website dependency risks.

“Having an accurate view of the resiliency of organisations and industry sectors to withstand cyberattacks can focus efforts to reduce and manage exposure among those industries that need it most and enhance cooperative efforts between government and the private sector to better protect companies and their employees and customers,” Beardsley said. “Measurement of industry-level exposure can also inform industry-specific working groups that share cybersecurity information and threat intelligence. Business leaders that have an ongoing dialogue with their industry peers about cyber-exposure can be broadly beneficial to the digital ecosystem.”

Government is also exposed as evidenced by an attack on Australia's Parliament House computers. China was named as a possible source. It followed an attack in late 2018 on Perth-based Navy shipbuilder Austal. the Australian Cyber Security Centre suspected criminals based in Iran.

Back in 2017, WhiteHawk published a blog citing a report from the Joint Committee of Public Accounts and Audit (JCPAA) on cyber security compliance where they recommended cyber best practices to be followed by federal agencies that would help prevent malware and improve cyber security.

The article states: In their report, the JCPAA recommends that the Australian Government should mandate the Australian Signals Directorate’s (ASD) Essential Eight cyber security strategies specifically for entities that are covered under the Public Governance, Performance, and Accountability Act 2013. Entities included are Parliamentary departments, departments of state, and qualifying corporate and non-corporate bodies, which depends on how they were formed under Australian law.

You can read the full blog post here.

It is worth revisiting that blog post along with the the report as Cybersecurity expert Andrew Woodward from Edith Cowan University told the ABC, there is no question that cyberattacks are on the rise.

The problem, he says, is that barely anyone ever knows they are being attacked.

"There's some really sad stats out there that in the vast majority of cases an organisation only knows it's been attacked because an external third party has reported it to them because they've noticed before the company in question," Professor Woodward said.

He points to a lack of skilled cybersecurity professionals available to detect or even stop these attacks.

In that light, it's crucial that companies and government agencies get on top of their cyber security functions, hire professionals who can mitigate attacks or try to prevent them and take their data security seriously.

Cyber attacks will continue to occur, probably at a more rapid rate than ever, so it's time to up the vigilance.

Editor's note: To help you combat cyber attacks, better understand your security needs and help you put in place solutions that work for you, our friends at WhiteHawk will now be delivering a monthly column that details everything you need to know ... and more.

Stay tuned.

View Our Investment Portfolios

S3 Consortium Pty Ltd (CAR No.433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information only. Any advice is general advice only. Neither your personal objectives, financial situation nor needs have been taken into consideration. Accordingly you should consider how appropriate the advice (if any) is to those objectives, financial situation and needs, before acting on the advice.

Conflict of Interest Notice

S3 Consortium Pty Ltd does and seeks to do business with companies featured in its articles. As a result, investors should be aware that the Firm may have a conflict of interest that could affect the objectivity of this article. Investors should consider this article as only a single factor in making any investment decision. The publishers of this article also wish to disclose that they may hold this stock in their portfolios and that any decision to purchase this stock should be done so after the purchaser has made their own inquires as to the validity of any information in this article.

Publishers Notice

The information contained in this article is current at the finalised date. The information contained in this article is based on sources reasonably considered to be reliable by S3 Consortium Pty Ltd, and available in the public domain. No “insider information” is ever sourced, disclosed or used by S3 Consortium.

Australian ASX Small Cap stocks | Why is Australia’s leading small cap publication

Founded seven years ago, is Australia’s leading and longest standing website for investor and finance news, education and expert opinion.

Published by StocksDigital, Finfeed was created to report daily on the comings and goings of ASX listed stocks in the small cap market.

As the first digital publication dedicated specifically to this space, Finfeed soon became the most trusted publication in the market, quickly garnering over two million page views – a number that continues to rise. provides its readers with informative articles that tackle the latest in market moving #ASX small cap news, plus exclusive content you won’t find anywhere else. It is aimed at those with an interest in investing, market education, company performance, start-ups and much more. is the only media organisation operating under the strength of a Financial Services License and is backed by leading journalists and analysts all with brands of their own.

The website aims to inform, educate and entertain with content that drills down into the heart of financial matters.

Finfeed is a leading source of investor and market information, with everything investors need to know about how to invest written in a way that anyone can understand. 

Over the years, the website has expanded beyond exclusively reporting on small caps, to profile Australia’s leading ASX listed small, mid and large caps as well as some of the country’s most successful CEOs and business leaders to find out what makes them tick.

Every day you will find fresh content covering:

Fast Facts

Over 4,000 articles published

Over 2.3 Million Page Views and counting

Over 10,000 followers on social media

Subscriber list growing by 2% monthly

Thanks for subscribing!