The ongoing risks to businesses and governments from cybersecurity threats were highlighted again last week, when the federal government announced Australia was the target of a “sophisticated state-based cyber actor”.

While no key government or business networks had been breached, the number of attacks had been steadily increasing, Prime Minister Scott Morrison said.

To get some on-the-ground perspective, Stockhead took the opportunity to speak with Rob van Es — Asia Pacific vice president of cybersecurity firm Illumio.

The main takeaways were that while Australian companies are taking the threat of attacks increasingly seriously, rapid improvements in technology pose complex challenges of their own in the months and years ahead.

“What we’ve seen is the frequency of attacks has gone up and with that, the chance that ‘you’re next’ is increasing so it’s a concerning situation for a lot of companies,” van Es said.

“It’s really something we’re seeing around the world, with more sophisticated attacks. What we’re seeing now — such as with the government’s announcement — is that the effects of these attacks are becoming more public and so everyone’s getting an education very quickly.”

van Es said the overriding challenge for companies in 2020 was a catch-22: cyber threats are becoming more sophisticated, in an environment where technology is increasingly used.

He pointed to the rapid adoption of Internet of Things (IoT) technology and Operational Technologies (OT) in industries such as mining and manufacturing, where companies rely on sophisticated sensor networks to communicate with corporate data centres – increasing the attack surface.

The COVID-19 pandemic has also created material risks of its own, as businesses move to secure their networks from a higher number of remote locations.

“Trying to defend a perimeter that is constantly changing — that’s what makes it really hard,” van Es said.

“Companies want open network communications and the latest technology, but the challenge is that from a security perspective, in effect you want nothing to be connected.

“So you have those opposing forces where companies need to stay connected, but they also run the risk of being held to ransom.”

 

Visibility is key

In view of that, van Es said a key theme he noticed on the ground was a definite “uptick” in interest about solutions to fit this new paradigm.

At industry conferences, for example, there’s an increased focus on the “zero trust” framework — a cybersecurity buzzword coined by Forrester Research analyst John Kindervag.

In effect, the idea questions existing security mechanisms which work on the assumption that all networks within an organisation can be trusted.

In the current era, that leaves companies vulnerable to modern-day cybersecurity attacks which typically move laterally — breaching an individual computer or network and using that as an entry point to the wider information system.

“Traditional systems where people only program standardised firewalls, in an environment that could be changing every minute or every day — they’re not going to work anymore,” van Es said.

“From our perspective, the most important thing right now is visibility. You need visibility across your network to ask, what are the paths that people could attack me from and if there’s connections that shouldn’t be there, we have to close the door.

“The bottom line is, don’t trust anything unless you can explicitly and simply explain why you should communicate with this particular device or server.”