SecurityBrief Australia logo
Australia's leading source of cybersecurity and cyber-attack news
Story image

Why a more secure organisation is a collective responsibility

By Contributor
Mon 12 Apr 2021
FYI, this story is more than a year old

Article by Vectra AI director of security engineering for APJ Chris Fisher.
 

Amid the current global pandemic, one of the largest containment measures implemented globally was the massive shift to remote working, which rapidly accelerated the adoption of hybrid cloud to improve business agility and respond to changing customer needs. 

With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies. 

Gartner has forecast Australian organisations will spend more than A$4.9 billion on enterprise information security and risk management products and services in 2021. Similarly, the Australian government’s Cyber Security Strategy plans to invest $1.67 billion over ten years to achieve a more secure online world for its citizens. Meanwhile, almost a million New Zealanders are reported to be falling victim to cybercrime and costing businesses vast sums every year. 

The reality is that cloud and digital transformation still presents transitional gaps and opportunities for adversaries to benefit from the speed and scale of cloud. With many organisations increasing their cloud software usage, Microsoft continues to dominate the productivity space with 115 million daily active users. 

However, Vectra AI’s new research revealed that 71% of Microsoft Office 365 deployments suffered an average of seven malicious account takeovers in the last 12 months to February 2021. The fact that three in four companies have experienced hostile account takeover attacks highlights the need to track and secure identities as they move from on-prem to the cloud. 

The confidence displayed by security decision-makers in their ability to prevent account takeover attacks is a stark contrast to the rising number of attacks and long dwell times. Just one in three security professionals believe they could immediately identify and stop an account takeover attack; the majority expect to take days or even weeks to intercept such a breach. 

With the new work-from-home paradigm, the proliferation of data-driven applications, and the advancement of technologies such as artificial intelligence (AI) and the Internet of Things (IoT) in the enterprise, cyber-criminals are also using more advanced tools and sophisticated methods to attack organisations and breach privacy. User account takeover in Office 365 is the most effective way for an attacker to move laterally inside an organisation’s network. 
 

Bridging the knowledge gap 

Constantly evolving threats means around-the-clock effort and highly specialised skills to bolster enterprise cybersecurity, particularly within a hybrid cloud environment. Typically, most organisations have lean IT teams and lack the cybersecurity expertise required to pre-empt and mitigate sophisticated threats, placing enormous strain on already limited resources. 

At a time when remote working is here for the long-term, the cyber-threat attack surfaces (such as personal devices) and landscapes (new vulnerabilities) are getting wider, building a security-minded culture becomes a collective responsibility. 

Approximately 96% of ANZ survey respondents indicated their organisation’s cybersecurity risk had increased in 12 months to February 2021 due to increased Microsoft Office 365 usage during the pandemic disruption. The primary security concern now is the risk of data being compromised and hackers’ ability to hide their tracks using legitimate Microsoft tools, such as Power Automate and e-Discovery. 

Senior leadership teams in any industry may be guilty of assuming that cybersecurity issues are the sole remit of their firm’s cybersecurity team. But that is no longer true in a digital economy, when data breaches or DDoS attacks can damage business, reputation and customer loyalty. Building digital trust comprises an entire ecosystem — from suppliers to customers, business partners to employees, and so much more. 

To better protect an organisation from inside and external threats, here are some best practice tips:

Apply a mix of subject matter experts and technology

It’s not enough to just invest in the tools, but it matters to build knowledge and establish stringent governance frameworks. That’s where vendors with true cybersecurity expertise drive value, helping organisations draw upon expertise and intelligent, AI-driven detection tools and gain deep visibility into security and compliance gaps. 

Understand the threat landscape

It is imperative that organisation genuinely understand their new enterprise network. Perimeters of the network vanished during 2020 as organisations shifted to the cloud — however, this doesn’t mean the network has vanished. The modern enterprise network is now data center, IaaS, SaaS and PaaS. 

The enterprise must have visibility into these networks and track attackers as they pivot through these environments. Viewing each network in isolation will only lead to blind spots and allow attackers dwell time as they hide in the shadows. Organisations must build detection and response capabilities that can shine a light into all these environments and track attacker behaviour as they attempt to move laterally through these environments. 

Prioritise and respond at speed and scale 

It is critical that enterprises not only identify attackers as they pivot through the modern network, but they must have the ability to respond rapidly and in a consistent way across all network stacks, be that IaaS, SaaS, PaaS, or data center. 

The only way the enterprise can achieve this is via prioritisation of incidents leveraging AI and automation. This will then ensure that the limited capacity of the SOC will have the best chance to drive down metrics such as mean time to remediation, therefore reducing the impacts of attackers and reducing the risk of a widespread breach. 
 

Building a secure organisation for the future 

Research has found that countries with established digital economies, including Australia, Japan, Singapore, and New Zealand have the highest exposure to cyber-risks. With a scarcity of talent, many organisations struggle with experience shortfalls in their cybersecurity team. 

Unless security investments are made into response capabilities, the attacker-responder gap will continue to grow. How quickly an entity responds to a breach and identifies the attacks quickly and effectively will determine who succeeds in this fast-changing time.

Related stories
Top stories
Story image
Cybersecurity
Cybersecurity prompts upgrade for 1.3 billion electricity meters
ABI Research finds Advanced Metering Infrastructure (AMI) and cybersecurity concerns are prompting the upgrade of 1.3 billion electricity meters by 2027.
Story image
Training
Trojan cyber attacks hitting SMBs harder than ever - Kaspersky
In 2022 the number of Trojan-PSW detections increased by almost a quarter compared to the same period in 2021 to reach 4,003,323.
Story image
Cybersecurity
Comcast to use ThreatQuotient for cybersecurity operations
Comcast, the parent company of NBC Universal and SKY Group, has chosen ThreatQ Platform and ThreatQ Investigations to meet their cybersecurity needs.
Story image
New Relic
New Relic launches vulnerability management platform
New Relic has introduced New Relic Vulnerability Management to help organisations find and address security risks faster and with greater precision.
Story image
Cybersecurity
BlackBerry offers Kaspersky replacement cybersecurity for the channel
BlackBerry advises that users of Kaspersky software in Australia and New Zealand undertake a rigorous risk analysis of their current security posture.
Story image
Ivanti
Ivanti and Lookout bring zero trust security to hybrid work
Ivanti and Lookout have joined forces to help organisations accelerate cloud adoption and mature their zero trust security posture in the everywhere workplace.
Story image
Digital Transformation
How to modernise legacy apps without compromising security
At a time when digital transformation has become central to business, even the most important applications come with a ‘use-by’ date.
Story image
SaaS
Absolute Software expands Secure Access product offering
Absolute Software is enhancing its Secure Access product portfolio, enabling minimised risk exposure and optimised user experiences in the hybrid working environment.
Story image
Phishing
Google reveals new safety and security measures for users
Google's new measures include automatic two step verification, virtual cards and making it easier to remove contact information on Google Search results.
Story image
Ransomware
Alarming surge in Conti Ransomware Group activity - report
A new report has identified a 7.6 per cent increase in the number of vulnerabilities tied to ransomware in Q1 2022.
Story image
Cybersecurity
Managed service providers: effective scoping to avoid costly vendor pitfalls
Managed security services are outsourced services focusing on the security and resilience of business networks.
Story image
Silver Peak
The path to an adaptive, modern network
Managing and securing the network looks different than it did just two years ago—especially given that most of these networks are made up of multi-generations of infrastructure stitched together over time.
Story image
trust
9/10 Aussies to stop spending if personal data compromised
"Based on the patterns we are seeing among Australian consumers, it is evident that trust in a brand is exceptionally important."
Story image
Ransomware
Ingram Micro Cloud adds Bitdefender solutions to marketplace
Ingram Micro Cloud has announced the expanded availability of Bitdefender solutions on the Ingram Micro Cloud Marketplace.
Story image
Artificial Intelligence
Updates from Google Workspace set to ease hybrid working troubles
Google Workspace has announced a variety of new features which will utilise Google AI capabilities to help make hybrid working situations more efficient and effective.
Story image
Malware
New vulnerabilities found in Nuspire’s Q1 2022 Threat Report
“Threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and attacks still persists."
Story image
ChildFund
ChildFund launches new campaign to protect children online
ChildFund says WEB Safe & Wise aims to protect children from sexual exploitation and abuse online while also empowering them to become digitally savvy. 
Story image
Cybersecurity
More than 40% of banks worried about cloud security - report
Publicis Sapient's new report finds security and the lack of cloud skills and internal understanding of business benefits are big obstacles for banks moving to the cloud.
Story image
Amazon Web Services / AWS
RedShield leverages AWS to scale cybersecurity services
"Working with AWS gives RedShield the ability to mitigate significant application layer DDoS attacks, helping leaders adopt best practices and security architectures."
Story image
Tech job moves
Tech job moves - Datacom, Micro Focus, SnapLogic and VMware
We round up all job appointments from May 6-12, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Vectra AI
Understanding the weight on security leader’s shoulders, and how to shift it
Millions of dollars of government funding and internal budgets are being funnelled into cybersecurity to build resilience against sophisticated threats, indicating how serious this issue has become.
Story image
Artificial Intelligence
How to ensure ethical deployment of AI implementations
The increase in automation and machine technology such as AI and machine learning has unlocked a whole new level of scale and service to organisations. 
Story image
Ransomware
Cybersecurity starts with education
In 2021, 80% of Australian organisations responding to the Sophos State of Ransomware study reported being hit by ransomware. 
Story image
Cybersecurity
Video: 10 Minute IT Jams - An update from IronNet
Michael Ehrlich joins us today to discuss the history of IronNet and the crucial role the company plays in the cyber defence space.
Story image
BeyondTrust
BeyondTrust integrates Password Safe solution with SailPoint
BeyondTrust has announced the integration of BeyondTrust Password Safe with SailPoint identity security offerings.
Story image
Artificial Intelligence
AI-based email security platform Abnormal Security valued at $4B
"A new breed of cybersecurity solutions that leverage AI is required to change the game and stop the rising threat of sophisticated and targeted email attacks."
Story image
VPN
The most common online scams in Australia
No one is safe from online scammers, and many of these scammers have capitalised on the pandemic, using this confusing time to attack more people than ever.
Story image
Application Security
What are the DDoS attack trend predictions for 2022?
Mitigation and recovery are vital to ensuring brand reputation remains solid in the face of a Distributed Denial of Service (DDoS) attack and that business growth and innovation can continue.
Story image
Remote Working
Australia’s remote workers face connectivity and security issues
SOTI's new report finds better video conferencing technology and improved security measures are top concerns for remote workers in Australia.
Story image
Cybersecurity
Infoblox's State of Security Report spotlights Australian remote work hazards
Attackers exploit weak WiFi, remote endpoints, and the cloud, costing 50% of organisations over $1.3 million in breach damages.
Story image
Employment
Tech job moves - Forcepoint, Malwarebytes, SolarWinds & VMware
We round up all job appointments from May 13-20, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
SaaS
Rubrik Security Cloud marks 'next frontier' in cybersecurity
"The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data."
Story image
Migration
Let’s clear the cloud visibility haze with app awareness
Increasingly, organisations are heading for the cloud, initiating new born-in-the-cloud architectures and migrating existing applications via ‘lift and shift’ or refactoring.
Story image
Cybersecurity
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Cloud Security
Aqua Security createa unified scanner for cloud native security
“By integrating more cloud native scanning targets into Trivy, such as Kubernetes, we are simplifying cloud native security."
Story image
Data Protection
Barracuda launches new capabilities for API Protection
"Every business needs this type of critical protection against API vulnerabilities and automated bot attacks," Barracuda says.
Story image
Remote Working
How zero trust and SD-WANs can support productive remote working
The way people connect with applications and data has changed, users are remotely accessing resources that could be stored anywhere from a corporate data center to the cloud.
Story image
Cybersecurity
A10 Networks finds over 15 million DDoS weapons in 2021
A10 Networks notes that in the 2H 2021 reporting period, its security research team tracked more than 15.4 million Distributed Denial-of-Service (DDoS) weapons.
Story image
Sift
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Ransomware
A third of companies paying ransom don’t recover data - report
Veeam's report finds 76% of businesses who are victims of cyberattacks paid the ransom to recover data, but a third were still unable to get their information back.
Story image
Workato
Workato unveils enhancements to enterprise automation platform
"The extra layer of protection with EKM, zero-logging, and hourly key rotation gives customers a lot more visibility and control over more sensitive data."
Story image
Remote Working
Successful digital transformation in the hybrid work era is about embracing shifting goalposts
As organisations embraced remote working, many discovered they lacked the infrastructure needed to support history’s first global load test of remote work capabilities.
Story image
Qualys
Qualys updates Cloud Platform solution with rapid remediation
The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
Story image
Phishing
KnowBe4 celebrates reaching 50,000 customers worldwide
KnowBe4 has reached the milestone of 50,000 customers, adding nearly 2,500 in the first quarter of 2022 alone.