Why must all businesses take

Cybersecurity seriously? – P2
Case Study: Singtel Optus Pty Limited

@mr
Researched and written by @mr

B B for Business | amr webbox - manufacturing the words… @mr

Why must all businesses take cybersecurity seriously? – P2
Case Study: Singtel Optus Pty Limited
Published at: amrwebbox.com

No part of this document may be reproduced or distributed in any form of by any means,
without the prior consent of amr webbox | manufacturing the words (formerly known as
amr webbox | made in digital world) or the writer.

--------

B | B for Business is a category of amr webbox | manufacturing the words (formerly

known as amr webbox | made in digital world)

--------

@mr is personal logo and ownership of Aamir Sheikh (Founder of amr webbox |
manufacturing the words), it is not allowed to be used by anyone without prior consent
of the owner.

---------
ASA (Australian Society of Authors) is an independent body promoting and protecting
the rights of authors in Australia. The writer of this article is Associate Member of ASA.

---------

If you want to give any reference from this document, use the following referencing
format:

amr webbox (2022), ‘Why must all businesses take cybersecurity seriously? - written by
Aamir Sheikh’ [Online], Retrieved from: http://www.amrwebbox.com/ [Accessed On: Day
(XX) Month (XX) Year (XXXX)]

Avoid printing! Let’s save the environment and use natural resources efficiently.
Disclaimer: In this article and its upcoming parts, as a writer I
do not/will give any opinion about Singtel Optus Pty Limited.
I am/will be just sharing facts based on the secondary
research from authentic and recognised sources only and
doing/will be doing unbiased analysis.
To access Part 1 of the article please click here:
Alex: What should a business do to prevent the risk of
cybersecurity and how Optus responded and tackled data breach?
@mr: Below is my research work:
I decided to reach out to Optus Team and visit their website to
understand what steps they have taken to address the unexpected
cybersecurity issue.
Before we discuss about Optus fight against cybersecurity issues,
let’s see in a video what should a business do to prevent
cybersecurity issues?
[For Microsoft Edge only: you can access the video directly by
clicking on yellow highlighted lines and selecting play video
comment.]
If the above does not work, click on the following video:
How Optus responded and tackled the cybersecurity attack?

Identification of Informed and

the issue and collaborated with Reconstruction of the
informing public Australian Government data set
stakeholders and Security Instiutions

Contact with its

Monitoring of the issue
customers

1. Identification of the issue and informing the public at

large
Optus identified the issue of exposure of their customers data to
the hackers. It responded immediately by informing public about
it, provided the necessary instructions such as changing password
of the Optus accounts, checking their credit information etc. It
created a section on their website to keep the public up to date
on the issue.
Identification of the issue was the first major step taken by Optus.
It ensured to stop further damage to the business and the
customers by leakage of the data. It not only informed it
customers but also other businesses in the industry so they can
protect their businesses from any potential cyber security attack.
2. Informing and collaboration with Australian Government
and the Security institutions.
It was a vital step taken by Optus to inform the Government,
license issuing authoring, cyber security institutions and the
Police. Without their assistance, any business cannot handle
and/or stop potential “e-attacks”.
The following are the institutions Optus contacted after the attack:
- Australian Federal Police (AFP);
- Australian Cyber Security Centre (ACSC); and
- Federal Government Ministers and their offices.
AFP gave strict instructions to Optus to not speak publicly about
any specific aspects of the attack as they rely on an information
asymmetry in tracking down the responsible parties.
3. Reconstruction of the data set
To keep it simple, I will give an example of organizing a messy
room! The quantum of the information receiving by any big
organization like Optus is quite high. It is not a simple exercise to
put that information in a template and process it. An organization
has to organize the information in a manner that it is readable by
their software, systems, processes and also easily accessible. In a
nutshell, there are four elements here:
- Parsing;
- Sorting;
- Analyzing; and
- Organizing.
4. Contact with the customers.
Optus contacted it’s all customers in general informing about the
cyber security attack. It also contacted customers specifically
informing whether their personal information was comprised in the
cyber security attack. It also covered the charges for its customers
who needed to replace driving license and/or passport.
It kept their customer updated on the issue and asked to take
required actions where there was a need.
5. Monitoring of the issue
It was highly important to keep an eye on the issue and stay ready
on the emerging situation. For Optus, it was important “to keep it
weapons” ready to handle any further unexpected attacks by
coward hackers.
Optus monitored and is monitoring the issue around the clock and
took all necessary steps whatsoever in their control through
collaboration with different stakeholders such as Australian
Government, Australian regulators, Australia Security Institutions,
their Parent Company and others.
Without timely monitoring of the issue, it would not have been
possible to counter the unexpected “e-attack”.
Alex: How to develop cybersecurity policies and SOPs? and I want
more details on how to prevent cybersecurity attack.
@mr: Stay tuned for a new service Develop by @mr and also Part
3 of the article.

#Goawaycowardhacker!
#Saynotocybercrime
B@mr
H22112022