Aligning cyber security plans to business challenges was a hot topic at the recent ACSC (Australian Cyber Security Centre) conference in Canberra.
Recently I joined our regional Australian team to help increase Carbon Black’s involvement and impact on the Australian (and greater) cyber security market. The ACSC and its conference stand front and centre in the changing cyber security mandates in Australia and surrounding regions.
The event helped me to continue analysing and investigating the growth of global security regulations, which will go on affecting business planning, spend and investment around IT and security policy.
The ACSC event is positioned as a government-centred security conference featuring leading cyber security experts from Australia and abroad, who gathered to discuss and promote information on the latest threats, mitigations and advances in cyber security.
Many discussions featured in-depth reviews of the technologies and frameworks being developed to help businesses understand, mitigate, and remediate security problems and threats within their infrastructures.
Carbon Black’s Brett Williams hosted a technical session on these technologies, featuring insights on how to remedy the threat posed by default volume shadow copies. His session was very much in synch with the theme of the event, which not only divulged the problem, but offered steps security teams can take to help respond and remedy the threat.
As with many other cyber security conferences, many current issues, threats, and exploit techniques were discussed. What made ACSC different was the volume of content focusing on how to address problems and how to measure security risk, including steps organisations can take to position themselves closer to their security objectives.
This was a refreshing divergence from many similar events. It’s easy to get bogged down in the weeds and become polarised on the multitude of dangerous threats to our cyber identities, our businesses and our general virtual existence. There is also a vast amount of noise within our industry from vendors, organisations and community bodies that focus on the state of the cybers security marketplace.
It was refreshing to attend an event that focuses on offering steps to help make progress towards better cyber security posture and presence a reality.
Australia’s maturity and attitude around cyber security is impressive and, in terms of the development of mandates and strategies to provide solutions and security risk measure, the region is a frontrunner in the market.
One session on that topic was an update session from the ASD, featuring updates to the ISM mitigating strategies, the Information Security Registered Assessors Program (IRAP) program and certifying the cloud. With Australia’s cloud initiatives (and the global focus on security within cloud solutions), this session was particularly timely and valuable.
After the session, Melissa Osborne, Director of Cyber Security Industry Partnerships, Cyber Security Division at the ASD, shared interesting insight into the development of cyber security initiatives promoted by the ASD that are moving forward within the region.
Carbon Black promotes the idea of implementing a security mitigation baseline as a good first step towards moving to a better security posture, but the ease which businesses can implement these baselines will make or break their cyber security programs.
Our Event Stream Processing technology, streaming prevention, fits comfortably into the mould of helping to address the security themes at the ACSC event, as well as strategies discussed by the ASD. The focus on applying thresholds, risk and priority to security events is of paramount importance in hitting the objectives of current threat-mitigating strategies. This was a common theme during the ACSC event, and is becoming increasingly more common at today’s cyber security events.
We should keep a close eye on cyber developments across Australia and Asia Pacific, especially the work being done by the ASD. When it comes to cyber security and the ever-growing list of data security and protection mandates, there is much we can gather from the security-control recommendations found within the ISM.
The ACSC event was a fine example of the region’s mindset – one that recognises and addresses the threat, but also develops ways to remediate and measure the problem. Carbon Black will continue to do its part and work diligently with organisations such as the ASD, and others throughout the globe, advocating strategies to help organisations to measure their security posture, get a grip on their security policy, prioritise their solutions and take another step closer to a world safe from cyber attacks.
Article by Christopher Strand, security risk and compliance officer, Carbon Black.