SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

Australian firms urged to adopt proactive cybersecurity strategies

Wed, 29th Oct 2025

Orange Cyberdefense and watchTowr have highlighted the importance of proactive, preemptive management in strengthening the cybersecurity posture of Australian enterprises amid a changing, complex cyberthreat landscape.

Charl van der Walt, Head of Security Research at Orange Cyberdefense, emphasised the need for organisations to understand the broader factors driving cyber risk and threats across the Asia Pacific (APAC) region. Referring to the PEST framework - Political, Economic, Sociocultural, and Technological - he described how these systemic forces inform current and emerging threat patterns and behaviours.

"Essentially, the PEST framework is to provide a plausible explanation on the systemic forces that converge the realities people are experiencing today with threat patterns and behaviors. And hopefully with that understanding, more organisations can get ahead and start anticipating what may happen tomorrow," said Charl. 

He noted that despite the value of the PEST framework, much of cybersecurity response remains reactionary rather than forward-looking: "However, having said this, I think there has been very little vision, costing in cybersecurity as we are mostly reacting to a new threat or a change in a threat as a knee-jerk response. And a big part of what we do at Orange Cyberdefense is to synchronise research intelligence and innovation that helps us hypothesise what will happen tomorrow and how we can prepare in response to that changing environment."

Van der Walt also noted that, while Australia has not experienced major hacktivist campaigns this year, it has seen significant cyberextortion activity. He said that Australia is the most-affected country in APAC for reported cyberextortion incidents, accounting for 22.22% of cases. One high-profile incident this year saw the database of a major airline compromised, resulting in legal action to prevent unauthorised access to customer data.

Recent legislation requires Australian entities with over AUD$3 million in annual turnover to report any ransom payment demand to the government within 72 hours, a move aimed at improving visibility of cyberextortion activity.

Van der Walt argued that the complexity and variety of cyber threats in APAC underline the usefulness of a high-level analytical perspective, explaining, "This was why PEST had been conceived with a high-level perspective to show 'why we are where we are' today, and how organisations themselves can get their security posture ahead."

The Political dimension within PEST focuses on 'Power Projection' and the escalating 'Balkanization' of cyberspace. Van der Walt commented that countries lacking resources to develop indigenous technologies form alliances with stronger nations, often leading to dependency and reduced autonomy.

"Very few countries have the resources or capabilities to develop their own 'indigenous technologies', which enables their autonomy. Hence, these smaller nations resort to forming alliances with more powerful cyber nations to secure themselves and safeguard their place at the table of nations but lose their autonomy and technological control in this process once they become fundamentally beholden to the dominant nation that supplies them with the technology stacks. This then accelerates the cyber balkanization process with politically aligned camps that run the same hardware and software that is developed and controlled by the superpower."

On the Economic front, van der Walt highlighted potential risks associated with the dominance of platform businesses, particularly cloud platform providers and large language models. These dependencies may pose economic and geopolitical risks.

From a Sociocultural perspective, he said that the rapid adoption of new digital tools is outpacing security teams' ability to assess and address risks, especially as employee-driven choices shape organisational technology stacks.

Technologically, van der Walt cited the evolving threat landscape posed by advances such as AI, operational technology (OT), and quantum computing. He said, "In OT / IoT, the real threat is not on the compromise of individual devices, but in the adversaries' ability to understand and manipulate processes which are often underestimated in security solutions and penetration testing."

Rapid threat detection

The sessions were held in partnership with watchTowr, whose APAC Vice-President, Elvina Liow, discussed the company's Preemptive Exposure Management (PEM) platform. Liow stressed the growing speed at which attacks are deployed and the importance of rapid vulnerability identification.

"Our Preemptive Exposure Management (PEM) platform - which combines our External Attack Surface Management and Continuous Automated Red Teaming - is our unique proposition that we bring to the table alongside Orange Business. Essentially, it allows customers to know what real attackers are doing right now and what's coming, so that they understand their exposure on time to know what they can actionize to prevent breaches and to stay in business," said Liow.

Liow added that PEM could be smoothly integrated into digital infrastructure, enabling organisations to respond quickly to new threats before they are exploited.

Liow described how attackers are frequently targeting critical infrastructure, explaining, "Critical infrastructure customers are highly targeted by attackers, and it takes just 4 to 5 hours for an 'infected system' to become widespread. Thus, we help customers scan and validate vulnerabilities in real time from deploying backdoors to letting them know if they are infected - all in under 3 hours. In fact, by leveraging AI, we can detect exposures at pinpoint accuracy within 7 minutes because speed is key."

Practical steps for resilience

During meetings with Australian customers, van der Walt recommended several practical steps to improve cybersecurity: making strategic procurement choices, reducing attack surfaces by auditing internet-facing assets, acquiring suitable threat intelligence, and partnering locally for expertise.
