The velocity of cyber crime assaults on Australian companies has surged dramatically in recent years, exacerbated by advanced artificial intelligence (AI) technologies and the rapid adoption of cloud solutions. However, certain strategies and defence solutions are proving to be a powerful ally.
According to a recent IBM report, the average cost of a data breach in Australia has reached AUD $4.03 million, marking a 32% rise over the past five years. This sharp increase underscores the growing threat to businesses across the nation.
Keir Garrett, Regional Vice President for Cloudera ANZ, attributes this rise to a range of factors. A notable contributor is the widespread adoption of cloud services which, while offering substantial operational benefits, has also created new vulnerabilities that cyber criminals readily exploit. Garrett pointed out that in the past year alone, 82% of data breaches involved information stored in the cloud.
Australia has witnessed several significant data breaches recently, with companies like MediSecure and Ticketmaster affected, resulting in the compromise of millions of customers' personal data. These incidents highlight the urgent need for organisations to enhance their data security frameworks.
Garrett outlines a comprehensive approach for businesses to bolster their defences against potential data breaches. Central to this approach is the prioritisation of security and governance. By leveraging AI to enhance threat detection, companies can identify and respond to unusual activities swiftly, ensuring that efforts to maintain security do not impede legitimate access to necessary data services.
Implementing a 'zero trust' framework is another pivotal strategy Garrett recommends. This security model assumes that no entity, whether inside or outside the network, is trustworthy by default. Establishing strong governance under the zero trust model ensures data protection while keeping it accessible to authorised users. Multi-factor authentication (MFA) plays a crucial role in this framework by ensuring explicit verification of user identities.
Investing in modern data platforms is also vital, and not all cloud services are equal in terms of security. Cloudera's Platform as a Service (PaaS) offers organisations control over their data, ensuring it remains secure and segregated from other data estates. This approach emphasises application security, data protection, and access control, thereby reducing the risks associated with data breaches.
Employee education on best practices is equally critical. Many security breaches stem from internal sources, either through intentional insider threats or unintentional actions facilitated by social engineering. Providing adequate training equips employees with the knowledge and resources needed to handle the increasingly sophisticated threats.
Evan Thomas, Channel Director ANZ at Armis, stresses the importance of a proactive approach to cybersecurity asset management, especially as the new financial year approaches. He notes that the proliferation of devices and tools within organisations introduces complex security challenges. Each connected device adds layers of considerations, from operating systems to updates, making it hard for IT teams to maintain a comprehensive asset view.
Thomas advocates for a strategic framework that allows IT teams to identify, classify, and prioritise assets based on their criticality. This proactive management reduces the attack surface and mitigates risks. Furthermore, automation and AI technologies can assist in managing this complexity, offering a clearer, more controlled security environment.
In another move to enhance security resilience, the Australian Government has allocated AUD $14.2 million in grant funding as part of the Mobile Network Hardening Program. This initiative aims to bolster the resilience of regional telecommunications infrastructure. Cameron Evans, CEO of Indara, confirmed that the company received funding to develop Disaster Recovery Skids, which will ensure network availability during natural disasters, particularly in New South Wales, Tasmania, and Victoria.
Evans emphasised that reliable mobile connections are critical during emergencies, potentially saving lives. The MNHP funding, along with previous grants aimed at fortifying infrastructure, underscores a significant step towards enhancing network resilience in regional communities.
As cyber threats continue to evolve, AI adds a layer of complexity and stealth to the landscape. Businesses must proactively fortify their data security measures, foster an environment of continuous vigilance, and stay ahead of increasingly sophisticated cyber threats.