In an age of digital transformation, cybersecurity emerges as an essential consideration for organisations. Amidst the escalating threat of cybercrime and a string of high-profile attacks, current trends are leading Australian organisations to reassess their approach. These trends involve changing regulations, confusion about security products, and the drive to save costs through consolidation.
Let’s explore some of these key drivers in cybersecurity further.
Key Driver #1: Compliance
The primary driver of digital transformation in cybersecurity right now is the growing level of compliance and regulations around digital infrastructure and data. The latest of these include cybersecurity laws and updates, particularly for critical infrastructure.
In 2018, Australia introduced the Security of Critical Infrastructure Act (SOCI Act) to protect critical assets across the energy, utilities and ports sectors. In response to the COVID-19 pandemic, the Government has recently extended these sectors to include other essential services.
Under the updated Act, organisations operating in the following sectors are now considered critical infrastructure: communications, financial services, data storage and processing, defence, higher education and research, energy, food and grocery, health care and medical, space technology, transport including aviation and maritime, water and sewerage.
Some of the security obligations covered by the SOCI Act include maintaining a register of Critical Infrastructure assets and mandatory notification of cybersecurity incidents within 12 to 72 hours of detection, depending on the severity of the impact. Some specific entities from the sectors listed above are also required to develop and maintain a Critical Infrastructure Risk Management Program (CIRMP) and provide an annual report. Notably, the CIRMP framework requirements need to be met by a deadline of 17 August 2024.
Beyond critical infrastructure, the Australian Signals Directorate has developed the comprehensive Information Security Manual (ISM) as cybersecurity guidelines and the more compact Essential Eight. The Essential Eight are considered a baseline of the most effective mitigation strategies for internet-connected IT networks. Adhering to the Essential Eight is mandatory for government agencies and is often required as part of procurement for suppliers and partners. While tailored for government entities, many other Australian organisations are also choosing to adopt these strategies to fortify their defences.
Key Driver #2: Confusion
If the acronyms involved in cybersecurity and compliance are proving a challenge for you to stay on top of, then you’ll be pleased to know that you are not alone. Many technology leaders are struggling due to the sheer growth in the volume of cybersecurity products and solutions available.
With almost every vendor offering some form of security, comparing their differences can be difficult. Add in the complexities and differences between various security approaches such as Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB) or Extended Detection and Response (XDR), and it’s a steep learning curve for any professional.
It is, however, an essential learning curve to tackle head on. Choosing the right products for your organisation and staying up to date on the scope and level of protection is critical to avoid some of the more opportunistic threats and complex attack vectors. According to the latest ASD Cyber Threat Report, one in 5 critical vulnerabilities is exploited within 48 hours of detection.
Key Driver #3: Consolidation and Cost Benefits
Another driver due to the explosive growth in cybersecurity products is the need to consolidate or rein in technology costs. For organisations with many individual cybersecurity products in place or access to suites of products that have been updated or extend security further, it can be challenging to understand where the solutions begin and end across your infrastructure.
Keeping track of updates, configurations, and alerts across several products can be a recipe for burnout and missed threats. Many vendors also offer security solutions that are now platform and brand-agnostic and go beyond the remit of their ecosystem. By better understanding the depth of each cybersecurity offering and where they overlap, you can streamline and optimise the overall protection and make some savings.
Whether your approach is to limit security solutions to as few vendors as possible or avoid not having all your eggs in one basket, it all comes down to your organisation’s preferences. There are valid arguments for going down either route. However, a consolidation approach in either scenario can still lead to cost benefits and greater insight into your overall cybersecurity posture.
When it comes to cybersecurity for your organisation, getting it right is necessary. Whether transforming your cybersecurity due to compliance, cutting through the confusion or consolidation, you can make the most of the opportunity to improve your overall posture.