Detecting the abnormal — SIEM's role in breach response

Article by Sean Abbott, Director of Channels and Alliances, ANZ, Exabeam

The recent attacks on Pizza Hut in Australia are just the latest in an increasingly long line of high-profile cyber breaches in the ANZ region. In today’s digital age, fast-food chains like Pizza Hut and others store a vast amount of customer data, including personal information and payment details, making them attractive targets for cybercriminals. In this case, it appears as though 193,000 customer records have been exposed.

While there are a plethora of questions and responses to each of these attacks – where did the breach come from, what was their motive, how did they get in, what data has been compromised – conversations always return to the fundamental issue of what could have been done to prevent this, or at least to reduce potential exposure as much as possible.

In today’s environment, a critical defence strategy for strengthening cybersecurity is having the ability to baseline user behaviour so security teams can automatically identify anomalies indicative of attack or compromise and prioritise alerts. Systems like SIEM with advanced user and entity behaviour analytics provide these abilities plus actionable threat intel. It should go without saying at this point that SIEMs are a core element of security operations, as are airtight defence and incident response plans.

SIEMs have a lot of responsibility inside security operations. They provide real-time monitoring of IT infrastructure and collect and analyse data from various sources, such as firewalls, servers, and network devices. By constantly monitoring for suspicious activities or anomalies, a SIEM platform can quickly detect any unauthorised access attempts or unusual data transfers.

SIEM platforms also assist in threat detection and incident response. If a cyberattack does occur, a SIEM system can correlate data from different sources to create a comprehensive picture of the attack, including its origin and methods used. This information is invaluable in understanding the threat landscape and formulating a targeted response strategy.

Additionally, SIEM platforms can automate responses to certain types of incidents. For example, if an organisation’s SIEM detects a series of failed login attempts from an unfamiliar IP address, it can automatically block that IP address or trigger an alert to the security team. This automation can significantly reduce response times and limit the potential damage of an attack.
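The failed-login scenario above, combined with the behavioural baseline described earlier, as an added illustration that is not part of the article or any Exabeam product: a small correlation rule run over constructed authentication log lines, where the log format, the per-user baseline of known source addresses and the threshold of three failures are all assumptions made for the example.

```python
import re
from collections import Counter

# Constructed sample auth log lines (format assumed for this example): "timestamp user result src_ip"
SAMPLE_LOGS = """
2024-01-10T08:01:02 alice FAIL 203.0.113.7
2024-01-10T08:01:05 alice FAIL 203.0.113.7
2024-01-10T08:01:09 alice FAIL 203.0.113.7
2024-01-10T08:01:12 alice FAIL 203.0.113.7
2024-01-10T08:01:15 alice FAIL 203.0.113.7
2024-01-10T08:02:00 bob FAIL 10.0.0.5
2024-01-10T08:02:03 bob OK 10.0.0.5
2024-01-10T08:03:00 carol FAIL 198.51.100.9
2024-01-10T08:03:01 carol FAIL 198.51.100.9
2024-01-10T08:04:00 dave FAIL 10.0.0.12
2024-01-10T08:04:04 dave FAIL 10.0.0.12
2024-01-10T08:04:09 dave FAIL 10.0.0.12
"""

# Hypothetical behavioural baseline: source addresses each user has previously logged in from.
BASELINE = {"alice": {"10.0.0.2"}, "bob": {"10.0.0.5"}, "carol": {"10.0.0.9"}, "dave": {"10.0.0.12"}}

LINE_RE = re.compile(r"^(\S+) (\S+) (FAIL|OK) (\S+)$")

def parse(log_text):
    """Turn raw log lines into event dicts; lines that do not match the format are skipped."""
    events = []
    for line in log_text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append({"ts": m.group(1), "user": m.group(2), "result": m.group(3), "ip": m.group(4)})
    return events

def detect(events, baseline, threshold=3):
    """Correlate failed logins per (user, source IP) and prioritise by whether the IP is unfamiliar.

    At or above the threshold: an IP outside the user's baseline is high severity and gets an
    automated block plus an alert; an IP the user normally uses only raises a medium alert.
    """
    failures = Counter((e["user"], e["ip"]) for e in events if e["result"] == "FAIL")
    alerts = []
    for (user, ip), n in sorted(failures.items()):
        if n < threshold:
            continue
        unfamiliar = ip not in baseline.get(user, set())
        alerts.append({"user": user, "ip": ip, "failures": n,
                       "severity": "high" if unfamiliar else "medium",
                       "action": "block_ip_and_alert" if unfamiliar else "alert"})
    return alerts
```

Running `detect(parse(SAMPLE_LOGS), BASELINE)` flags alice (five failures from an address she has never used) for blocking, raises only a medium alert for dave (three failures from his usual address), and ignores bob and carol, who stay below the threshold.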

Furthermore, a SIEM platform can assist with compliance requirements. In the case of Pizza Hut, which handles sensitive customer information, compliance with data protection regulations like the Australian Privacy Principles (APPs) is crucial. A SIEM system can generate reports and logs that help demonstrate compliance with these regulations, which is essential for avoiding legal and financial penalties.

In conclusion, the recent cyberattacks on Pizza Hut in Australia have again highlighted the importance of having an airtight security plan, and a SIEM platform with advanced threat detection, investigation and response capabilities can play a vital role in mitigating cybersecurity issues for any organisation, including fast-food chains. By providing real-time monitoring, threat detection, incident response, automation, and compliance assistance, a SIEM platform helps bolster security and protect sensitive customer data in an increasingly digital world.