Reducing growing security costs without compromising compliance
The pandemic has forced critical infrastructure and essential service industries to digitise and move to the cloud. It has also driven digital-reliant organisations to be increasingly vulnerable to cyberattacks.
While many companies have already bolstered their cyber protection investments, pressures to increase security levels and compliance keep on growing.
Just last July, the Australian Government amended the Security of Critical Infrastructure Act 2018 (SOCI Act), subjecting more Australian organisations to strict 12-hour cyber incident reporting requirements.
The series of serious data breaches that have recently affected large Australian organisations only put policy conversations more front and centre and prompted organisations to reinforce their defences to better protect data.
While that's absolutely needed, this is also driving spiralling cybersecurity costs.
More data + more cloud = more dollars
A large part of the rising cybersecurity costs comes from the rising use of cloud services.
The more data you have in the cloud, the more complex – and by extension costly – it is to monitor traffic and ensure data is protected.
With an average annual cost of thousands of dollars per application, hundreds or thousands of applications in a cloud or hybrid cloud environment can become expensive.
The increasing operational costs and complexity have been primarily driven by the changes in working patterns, with workers no longer operating in the same controlled environment as they were a few years ago.
Navigating new challenges
First, cloud resources are an extension of the network, but they represent digital challenges in terms of workload, data, and performance.
Secondly, many organisations still think that the cybersecurity solutions they invested in some years back remain fit for purpose, both from a protection and compliance perspective, which is unfortunately not true.
The data sources and endpoints aren't where they used to be. Complex cloud-based services and wireless networks in dispersed environments, combined with users being anywhere in the world, make it difficult for tech teams to be certain that everyone on the network is allowed to be there.
Keys to streamlining costs while improving compliance
Streamlining costs is key to allow critical infrastructure organisations in Australia to respond to both growing threats and compliance requirements.
- Reducing the number of disparate cybersecurity solutions implemented
Many organisations rely on a myriad of tools to secure their cloud infrastructure, user identities and monitor their network.
It was previously believed to be effective to keep adding in bespoke systems, layering systems on systems on systems, but we are now realising that critical savings can be made by replacing multiple solutions with fewer solutions that offer broader benefits and are more fit for purpose.
This isn't necessarily about throwing away all the different tools, but rather not to depend upon them for things that a centralised solution can more easily and effectively provide and make security teams' jobs easier to help them save precious time and, by extension, money.
It may be worth considering native cloud tools as well, as they have some built-in integration benefits that will provide organisations with better visibility of their environments.
- Deciding what to monitor, without compromising on visibility or control
With more data in the cloud and transiting through devices and applications than ever, network monitoring is key. Yet, monitoring every single element of the network in depth would turn into an unwieldy endeavour, and, again, unnecessary time and costs.
CISOs should first prioritise the capture of status information about current network devices and secondly ensure that essential services such as email, website, and file transfer services are consistently available.
Flow logs – which enable information capture about the IP traffic going to and from network interfaces – are an ideal solution to optimise cloud monitoring costs.
But being more strategic about traffic monitoring shouldn't come at the cost of compromising on visibility of control over the network. Each organisation needs to find the right balance.
- Governing systems with a tagging strategy
Cloud governance comes with great responsibility - with the speed that cloud infrastructure solutions provide, the number of systems or services can grow rapidly and uncontrollably.
Organisations should consider developing a tagging strategy to help identify a class of systems. Standard tags have many benefits when it comes to reporting on which systems are critical and who their owners are. In the end, having clear visibility of ownership and classes of systems will benefit cost control and security.
Encrypting data
Priority should be put on solutions that will protect the data itself, for example, via encryption.
It is about securing the data first to render it unusable, even in the event it is hacked or leaked.
As the recent Australian data breaches have shown, cyberattacks can have truly dramatic consequences, from deeply damaging reputation, sales, and trust to organisations' ability to operate and even jeopardise people's safety. Investing in a proper data protection strategy is not something to just consider, it is a must, especially if you can streamline costs along the way.