Story image

Telstra unravels the inevitable convergence of electronic & cybersecurity at ASIAL Conference

26 Jul 2017

Telstra’s director of global security solutions Neil Campbell addressed patrons at the Security Exhibition & ASIAL Conference in Sydney today, stressing that the electronic and cybersecurity worlds will become entwined, but every organisation will take it at a different pace.

In 1992, Campbell joined the computer crime team, knowing nothing about the area. Back then, policing was an analogue discipline, such as paper, typewriters and tape, he explains.

“Back then the kind of places were hacked were universities. I’d go to a system administrator and ask what happened.”  

The IT administrator would respond in such technical terms that he wouldn’t have a clue where to start, or how to relay this information back in court. Campbell is now at Telstra, which is about to launch two security operations centres in Sydney and Melbourne this year.

“Going to the digital world was where everything changed on a large scale. The electronic security industry is going through a similar transition.”

As an example, the NBN network will bring on board alarms and other systems that can’t work in an analogue world – those devices must go towards internet protocol, otherwise known as IP, Campbell says.

“We have analogue lines, which won’t be for much longer because of the NBN. It has to go digital.”

He also says there is a clear advantage to the dual approach to electronic and cybersecurity.

Video monitoring can be placed alongside cybersecurity and computer systems in user and entity behaviour analysis, which means systems can track entries and exits.

“It means you only bother notifying security analysts about important events,” he says.

While Frost & Sullivan analysts predict that every facet of a holistic security system will be digital, Campbell believes it is an optimistic claim.

Every firm has its own journey, and some of those journeys may not involve the convergence between electronic and cybersecurity.

However, as a general direction, all aspects of security are going towards convergence. Organisations should take on board electronic, logical, information, physical and personnel security as part of the new converged future.

Campbell also says that business continuity, disaster recovery and risk management also play an important part in any organisation’s security strategy.

The Internet of Things (IoT), misunderstood by some, is often nothing more than digital sensors attached to the internet. Any analogue technology that has a digital internet sensor is part of IoT.

Campbell believes that cyber threats posed by IoT devices are a major issue: There is a rush to the market and manufacturers not taking appropriate security considerations.

“One of the things we’re always told by Windows is to update. For Apple, we’re told to update. When it comes to IoT, quite often there’s no mechanism to update.”

This leads to insecure sensors and devices, which can put electronic security – whether video surveillance or access tracking – at major risk.

Before embarking on a journey to convergence, Campbell says there are a number of issues organisations should consider when considering electronic and cyber convergence:

  • Systems (what do I have & need, and what information do I have/need)
  • Suppliers (do they understand cyber requirements and are they patch-ready?)
  • People (owners, decision makers, collaboration and communication
  • Issues (executive buy-in, decision-making structures).

The Security Exhibition & ASIAL Conference continues on July 27 & 28 at the International Convention Centre, Sydney.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.