Technology builds the digital economy – yet, cyber security functions as a key pillar that helps it thrive. This fact has become even clearer this year throughout Australia with the recent escalation in cyber security threats – an intensification in the frequency and sophistication of attacks that has been felt across the country by the government, corporate organizations, and individuals.
Watching this happen during a global pandemic underscores the reality that – in good weather as well as in bad – as long as businesses continue to thrive, we will need to continue fighting cyber crime.
The global pandemic underscores the reality that – in good weather as well as in bad – as long as businesses continue to thrive, we will need to continue fighting cyber crime.
What Cyber Attacks Cost the Australian Economy
Australia’s Digital Trust Report 2020 estimates that a four-week interruption to digital infrastructures resulting from a significant cyber incident could cost the economy $30 billion AUD (1.5% of Australia’s Gross Domestic Product) and affect around 163,000 jobs.
The key question is how best to minimize this type of risk. In the era of COVID-19, it may be appropriate to draw a comparison between how we deal with cyber crime and how we protect ourselves from the coronavirus.
Perhaps more than any other time in recent history, we have been absorbed this year with finding ways of ensuring our own safety, the safety of our families, and our broader surroundings. A similarly vigilant approach needs to be adopted in the cyber sphere to ensure the safety of digital, hyperconnected businesses.
Yes – there is no single vaccine that may make us 100% immune to cyber crime. But we should do whatever is possible to minimize exposure and reduce risk. This awareness and care should become embedded in the routine of our daily lives – what we call the “New Normal.”
Improving Cyber Safety
Australians are being targeted by a range of different groups that vary in their intent and sophistication. These include:
- Nation states and state-sponsored actors
- Financially motivated criminals
- Special interest groups and individuals
- Terrorist groups and extremists
Protecting ourselves requires adopting a more sophisticated approach to cyber security that leverages capabilities such as automation and data analytics.
Protecting ourselves requires adopting a more sophisticated approach to cyber security that leverages capabilities such as automation and data analytics.
Moreover, the fight against cyber crime must involve all sectors: The government, private businesses, and individuals each play a role in creating a cyber safe environment.
Since the onset of COVID-19, Public Private Partnerships (PPP) have been key to successfully mitigating emerging cyber threats around the world. By sharing intelligence and expertise on recent trends as well as providing technical assistance, private sector companies serve as valuable partners for law enforcement agencies.
The Australian Government is Taking Action
The Australian Cyber Security Centre (ACSC) is leading the Australian Government’s efforts to improve cyber security. ACSC was set up with the objective of helping make Australia the safest place to connect online.
The Australian Government’s vision is to create a more secure online world for Australians, their businesses, and the essential services upon which we all depend. According to Australia’s Cyber Security Strategy 2020, the Australian Government plans to invest $1.67 billion over ten years to achieve the vision of a safer digital world for businesses and individuals.
Where We Need to Improve
On September 6, 2019, the Australian Government released a public discussion paper, “A call for views,” to give every Australian a say in the development of this strategy. As summarized in Australia’s Cyber Security Strategy 2020, the following key themes were raised during the consultation process:
- The threat environment is worsening.
- Roles and responsibilities need clarification.
- Government and industry partnerships should be strengthened.
- Improved, two-way information sharing is essential.
- Standards and regulation are necessary to get the basics right.
- The growth of cyber crime is outstripping our ability to respond.
- Many threats can be addressed at scale.
- Human behavior is almost always part of the problem.
- Australia needs more trusted and skilled cyber security professionals.
- Small businesses are particularly vulnerable.
- Australia needs to be better prepared, especially for an incident on a national scale.
The Next Step: Leveraging New Technology
While the government does its part in sharing threat information, strengthening information security partnerships, and holding cyber criminals accountable – private organizations need to take the necessary steps to keep their own businesses, intellectual property, and customer data secure.
As attacks increase in sophistication, security operations also need to be enabled with technology advancements such as robotics, Big Data and automation.
A traditional security operations center (SOC) used to have a SIEM with an event collector, a correlation engine, and a SOC team actioning the alerts that were received. However, this system has been beaten by cyber criminals – with their increased speed, agility, and sophistication.
And making this even more challenging is the fact that obtaining skilled cyber security professionals remains the top challenge nationwide.
How to Build a Smarter SOC
What organizations need today is an intelligent, next-generation SOC with tools and technologies to combat cyber criminals. The key components of a smarter SOC include:
What organizations need today is an intelligent, next-generation SOC with tools and technologies to combat cyber criminals.
- Threat intelligence that monitors deep and dark web activities
- Advanced Digital Forensics & Incident Response (DFIR) capabilities
- User Entity Behavior Analytics (UEBA)
- Threat hunting that supports the building of use cases based on business risk
- Security Orchestration, Automation & Response (SOAR) platform to bring everything together in a single pane of glass for multi-team collaboration, streamlined security processes and technology integrations
Adopting a Risk-Based Approach
Within any large organization, the Chief Information Security Officer (CISO) generally is responsible for security operations. But that’s only one part of the CISO’s job.
Another critical aspect of the CISO’s work is involving tying cyber security risks to business risks. The ability to assess and share the level of business risk facilitates better communication with the board.
This process also helps identify gaps, define priorities, and ensure the right strategy is in place to protect an organization’s crown jewels. Here at CyberProof, for example, we utilize a framework called the MITRE ATT&CK and leverage a “Use Case Factory” approach to build and maintain end-to-end traceability of the business risk.
And while cyber security is a never-ending battle, we believe that it is possible to “claim victory” by keeping any potential losses below an acceptable limit defined by the business and being ready to respond if and when an attack occurs.
If you are concerned about the robustness of your organization’s cyber security operations and its ability to protect itself from cyber attack or would like to speak with one of our experts, contact us today. We are here to help!