For businesses: prevention is dead. Resilience is everything.

            Still thinking cyber “won’t happen to us”? Ask Qantas. Ask MOVEit. Ask anyone who’s had to face the
            cameras and say, “We’re investigating the incident.”

            You  don’t  stop  breaches  with  wishful  thinking  and  legacy  tools.  You  stop  them  with  brutally  honest
            assessments, relentless testing, and round-the-clock visibility. Three key steps all organisations should
            be taking in light of the Qantas breach:

            1. Penetration testing – Simulate the breach before the real one hits

            Static security reviews are useless in 2025. Attackers don’t use checklists, they use ingenuity. Your
            defences should be tested by people who think like them.

            Use red teams to run real-world attack simulations to expose your blind spots, from credential stuffing to
            insider threats. If your internal team always passes the test, it’s not a test. It’s theatre.

            2. Managed detection & response (MDR) – Eyes on everything, all the time

            Breaches don’t announce themselves. Without MDR, you might not know you’ve been hit until your data
            is on the dark web. Market leading MDR platforms use AI to detect anomalies in real time, and expert
            analysts investigate alerts before they become incidents. Speed matters. Context matters more. If you're
            relying on tools alone, you're not covered, you’re exposed.

            3. Secure cloud backups – Because ransomware doesn’t negotiate

            When all else fails, your backup is your survival plan. But if it’s stored on the same network, with the
            same credentials, and hasn’t been tested in six months, you might as well not have one.

            A proper backup strategy includes:

               •  Isolated, encrypted cloud storage
               •  Automated versioning
               •  Disaster recovery plans that are rehearsed, not theoretical

            If your board doesn’t know your RTO (Recovery Time Objective), ask why they still have a seat at the
            table.



            Final word: The real breach is the illusion of control

            Let’s stop pretending we can “prevent” all cyber-attacks. That ship has sailed. What separates survivors
            from casualties is preparedness, transparency, and relentless resilience. Qantas didn’t choose to be
            breached, but they did have a choice in how ready they were when it happened.

            For consumers - assume you’ve been compromised and act accordingly. For businesses - build breach
            response into your DNA.






            Cyber Defense eMagazine – September 2025 Edition                                                                                                                                                                                                          196
            Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.