Our director of security solutions Neil Campbell and Stephen Dane, Cisco’s managing director of security for Australia Pacific and Japan, reflect on the last 12 months of cyber security.
Organisations across the globe recognise that getting security right from the outset is a critical success factor to do business in today’s world. As global leaders in security, Cisco and Telstra have been partnering to provide security services to customers for over a decade. Today at Cisco Live, Neil Campbell, Telstra’s Director of Security Solutions and Stephen Dane, Cisco’s Managing Director of Security for Australia Pacific and Japan got together to reflect on the last 12 months in the cyber security world.
What was your biggest learning within cyber security in the last 12 months?
Neil Campbell: In the past 12 months, there’s been a noticeable shift in industry mindset, with many business leaders moving to an ‘expectation of breach’ mentality and implementing a wide range of programs to support this view, including security audits, risk assessments and compliance tools through to continuous end-user training.
However, ransomware is continually on the rise and is becoming increasingly targeted. With events such as the WannaCry ransomware, NotPetya malware, the Equifax breach, and the leaking of hacking tools by a group called the Shadow Brokers, the past year has seen large-scale cyber events dominate the headlines. Criminals are also increasingly using social engineering to hijack accounts and trick organisations into wiring large amounts of money into their accounts.
Stephen Dane: Similar to the previous 12 months, the adversaries are just as tenacious that this is not just a big enterprise issue. Cyber security is an issue for every organisation, big and small, here in Australia. The key learning over the last 12 months, as outlined in our recently released 2018 Cybersecurity Report, is that adversaries are taking malware to unprecedented levels of sophistication and impact.
Adversaries are becoming more adept at evasion and weaponising cloud services and other technology used for legitimate purposes. Finally, adversaries are exploiting undefended gaps in security, many of which stem from the expanding Internet of Things (IoT) and use of cloud services.
What is your number one advice to businesses looking to increase their cyber security operations?
Neil Campbell: While the cyber threat isn’t new, cyberspace allows crime, espionage, and protest to happen at a pace, scale and reach that is unprecedented. When confronting this challenge, it is easy to place a lot of focus on technical solutions. But, as we’ve seen in public breaches in the past 12 months, people are often the weakest link when it comes to cyber security.
There’s a need to frame the complex problem of cyber security in a way that everyone can engage in; from senior executives right through to every staff member. Our Five Knows of Cyber Security is a significant shift in focus – from a technology discussion to one where senior management can engage in and contribute to the effective management of cyber security risk.
Stephen Dane: With the new legislation covering Mandatory Breach notification upon us in Australia, organisations need to be prepared for a cyber attack. They need an Incident Response plan that is all encompassing – reacting to a cyber incident “on the fly” is not a workable strategy. Organisations need to understand the value of their data, where it is, who has access and then secure it accordingly.
Organisations will find that making strategic security improvements and adhering to common best practices (such as Telstra’s Five Knows) can reduce exposure to emerging risks, slow attackers’ progress and provide more visibility into the threat landscape.
What is going to be the next big challenge for CIOs/CISOs within the industry?
Neil Campbell: Our research shows that the top two challenges globally with regard to security operations are the ability to timely detect and effectively respond to cyber security incidents; and the impact of new technologies such as cloud, IoT, mobile and software-defined networking (SDN).
Making the situation more difficult is the mobile-first approach organisations are adopting to engage their customers (through their ubiquitous smartphones) and employees. The use of these technologies means that traditional security solutions are no longer adequate. CIOs and CISOs must now look at ways to effectively protect corporate data that resides outside the company premises and secure a wider range of endpoints.
Stephen Dane: Organisations are deploying IoT devices at a rapid pace. However, they often pay scant attention to the security of these systems. Unpatched and unmonitored IoT devices present attackers with opportunities to infiltrate networks. Organisations with IoT devices susceptible to attack also seem unmotivated to speed remediation, research suggests.
Worse, these organisations probably have many more vulnerable IoT devices in their IT environments that they don’t even know about. So while there is an opportunity to enhance competitive advantage through IoT as its potential continues to be realised, CIOs/CISOs need to apply rigour from a cyber security perspective.
Cisco Live is taking place between 6 and 9 March 2018 at Melbourne Convention and Exhibition Centre (MCEC). For more information on the sessions, see here.