It's not the greatest feeling when the ASD release the cyber threat report and the average reported cost of cybercrime to businesses has only gone up.
There is a silver lining that the entry points for businesses largely revolve around identity and business email compromise. With a focus on email as an entry point it reminds everyone that people are the constantly being targeted by cybercriminals.
There are plenty vendors out there that offer products and services, but the one we've heard mentioned and regarded time and time again, is Phriendly Phishing.
Going back to the ASD's report, the dollar values seem to double respective to the size of the business, starting at approximately 50 thousand dollars for a small business up to over 200 thousand for a large organisation.
With individual gains from the previous year of 14%, 55% and 219% respectively.
One highlighted point from the report is the vulnerabilities found in edge or cloud computing. The first two weeks of the 2025 cyber security awareness month dedicated to logging and legacy technology.
Both of are relevant to compromise of edge devices.
And it was obviously deliberate when the most common cyber security incident for critical infrastructure and government agencies was either through a compromised asset, network or piece of infrastructure.
Without wanting to create a TDLR or regurgitating the report itself, we'll mention a final point of the report.
It brings awareness to the capability that is already at the organisations fingertips but is left out of mind when the environment is setup.
They've pointed out that seven government organisations which already owned Microsoft E5 license had unidentified vulnerabilities in their environment caught by enabling defender for endpoint.
With that said, it's definitely a wake up for some organisations that have already paid the price of the license and haven't yet come around to implementing the full protections offered.