Aus companies must build security expertise to develop cyber resilience
As more Australian organisations progress to cloud-based operating models, the opportunity for mass-scale, targeted cyber attacks looms as a very real threat.
With the number of targeted cyber attacks doubling in the last year – PageUp and HealthEngine among this year's major breaches – research from analyst firm Accenture shows Australian organisations are recognising the impact of cyber attacks, and making strides to improve cyber resilience and perform better under pressure.
According to the study, Australian organisations are now preventing 80% of all targeted attacks, but they still face two to three security breaches a month.
The research also found that 90% of respondents expect their organisation's overall investment in cybersecurity will increase in the next three years.
As the number of attacks nearly doubles, to 144 in 2018 from 80 in 2017, monitoring, detection and prevention will become critical to achieving cyber resilience.
The key question for Australian organisations is, are they making the right investments in their operations when it comes to security?
Prevention better than cure?
To defend and empower organisations, leaders need to combine expertise from a security and operations perspective to keep up with the constantly evolving threats and risks.
Australian organisations who do so will have the ability to rapidly scale security and compliance operations to achieve efficiency and drive business outcomes.
Chief Information Security Officers (CISOs) have a vital role to play in transforming infrastructure security with the help of emerging technologies.
But if their cybersecurity strategy is to have an impact, they should step outside their comfort zones (e.g., compliance audits, cyber technology) and engage with enterprise leadership on a day-to-day basis.
Doing so would require security executives to make the case in business terms that the cybersecurity team is critical in protecting and extending company value.
Australian organisations who take full advantage of advanced technologies and risk management models will reap these benefits:
Industrialising security operations
Australian organisations who combine expertise from security and cloud will industrialise their security operations.
By implementing repeatable, robust and intelligent operations, organisations can achieve lower client operating costs with industrialised services, knowledgeable resources, and a scalable infrastructure.
Achieving efficient execution
In addition, combining expertise will enable Australian organisations to efficiently execute their security operations, through robotics and automation.
By making a significant investment in robotics and intelligent systems, Accenture believes organisations will be able to drive human error rates from 20-30% to under 1%.
Doing so will also result in automation becoming standard.
In addition, organisations gain immediate benefits from sourcing models that rapidly scale their security capabilities in a flexible, as-a-service delivery modality.
When organisations deliver capabilities that are highly scalable, delivered at speed, and accurate – organisations are able to "learn" from the results immediately, in real-time.
Furthermore, organisations can also identify surface threats within 24 hours versus months, making the process significantly more efficient than before.
Delivering business outcomes
Not only does combining expertise achieve efficient execution, it also assists Australian organisations to deliver key business outcomes, such as mitigating risk, predicting security outcomes and reducing costs.
The combination of multiple, comprehensive services helps organisations manage risk.
The fusion of critical capabilities (monitoring, incident response, threat hunting and threat intelligence applied) with leading technologies (analytics, machine learning and AI) will accelerate the detection, containment and investigation of low visibility (but high sophistication) security threats.
Australian organisations are facing a growing number and increasing sophistication of cyber attacks, all the while struggling to achieve consistent security operations.
While Australian organisations have made some progress in preventing cyber-attacks, there is still more work to do.
Prioritising where to focus resources to adequately protect their organisations' IT infrastructure from cyberattacks is a challenge for many organisations.
This is further exacerbated as a result of having an increased number of ecosystem partners involved in the value chain.
To conclude, CISOs and their security teams should:
- Define security strategy aligned with the new world.
- Update data policies to align to ever-changing legislation and risk levels while being balanced so that can be implemented.
- Check security control frameworks and ensure that operations data protection plans are in place, particularly protecting the most critical and accessible data.
- Check end-to-end compliance and controls across the supplier network to assess compliance and ability to respond to threats.
- Leverage innovative technologies and combine expertise from security and operations, so that can rapidly scale security and compliance operations.
- Conduct penetration testing regularly and test the operational processes for mitigating and dealing with threats.
- Adjust operating model and training so that everyone 'thinks security' to drive cyber resilience.