Expert view: Technology is a blessing and a curse when it comes to global cybersecurity threats – Stockhead

The ongoing risks to businesses and governments from cybersecurity threats was highlighted again last week, when the federal government announced Australia was the target of a sophisticated state-based cyber actor.

While no key government or business networks had been breached, the number of attacks had been steadily increasing, Prime Minister Scott Morrison said.

To get some on-the-ground perspective, Stockhead took the opportunity to speak with Rob van Es Asia Pacific vice president of cybersecurity firm Illumio.

The main takeaways were that while Australian companies are increasingly taking the threat of attacks more seriously, rapid improvements in technology pose complex challenges of their own in the months and years ahead.

What weve seen is thefrequency has gone up and with that, the chance that yourenext is increasing so its a concerning situation for a lot of companies, van Es said.

Its really something were seeing around the world, with more sophisticated attacks. So I think what were seeing now such as this the governments announcement is the effects of these attacks are becoming more public and so everyones getting an education very quickly.

van Es said the overriding challenge for companies in 2020 was a catch-22; cyber threats are becoming more sophisticated, in an environment where technology is increasingly used.

He pointed to the rapid adoption of Internet of Things (IoT) technology in industries such as mining and manufacturing, where companies rely on sophisticated sensor networks to transmit key data.

The COVID-19 pandemic has also created material risks of its own, as businesses move to secure their networks from a higher number of remote locations.

Trying to defend a parameter that is constantly changing thats what makes it really hard, van Es said.

Companies want open network communications and the latest technology, but the downside is that from a security perspective, in effect you want nothing to be connected.

So you have those opposing forces where companies need to stay connected, but they also run the risk of being held to ransom.

In view of that, van Es said a key theme he noticed on the ground was a definite uptick in interest about solutions to fit this new paradigm.

At industry conferences for example, theres an increased focus on the zero trust framework a cybersecurity buzzword coined by Forrester Research analyst John Kindervag.

In effect, the idea questions existing security mechanisms which work on the assumption that all networks within an organisation can be trusted.

In the current era, that leaves companies vulnerable to modern-day cybersecurity attacks which typically move laterally breaching an individual computer or network and using that as an entry point to the wider information system.

Traditional systems where people only program standardised firewalls, in an environment that could be changing every minute or every day theyre not going to work anymore, van Es said.

Thats how ransomware attacks happen move very quickly. They dial into companies networks, get an understanding of what they have access to and control the blast radius.

From our perspective, the most important thing right now is visibility. You need visibility across your network to as, what are the paths that people could attack me from and if theres connections that shouldnt be there, we have to close the door.

The bottom line is, dont trust anything unless you can explicitly and simply explain why you should communicate with this particular device or server.

Get the latest Stock & Small Caps news and insights direct to your inbox.

It's free. Unsubscribe whenever your want.

You might be interested in

Link:

Expert view: Technology is a blessing and a curse when it comes to global cybersecurity threats - Stockhead