Powered by MOMENTUM MEDIA
Powered by MOMENTUM MEDIA

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

Op-Ed: As cyber attacks continue to threaten Australia, government organisations need to fight back

If 2020 showed us anything, it’s that organisations — big and small, public and private, for profit and non-profit — need to be prepared for anything.

If 2020 showed us anything, it’s that organisations — big and small, public and private, for profit and non-profit — need to be prepared for anything.

High profile data breaches in 2020 impacted organisations across Australia, including the Marriott, the University of Tasmania, and Transport for NSW, reminding us that cyber criminals continue to prey on cyber security vulnerabilities - especially as users continue to access sensitive data and applications from outside the network perimeter.

Advertisement
Advertisement

Recognising the threat, the Australian federal government released a new cyber security strategy in August 2020, providing proposed amendments and regulatory framework to the Security of Critical Infrastructure Act 2018.

Central to the proposal is the expansion of the industry sectors the government considers “critical infrastructure”. Joining banking, health and transportation is the government services sector. And, it’s easy to see why. In a 12-month period between July 2019 and June 2020, the Australian government was the target of more than 400 cyber attacks — approximately one-third of all documented cyber-attacks in Australia. In fact, IBM Security estimates that 13 per cent of all global cyber attacks are state-sponsored.

Shutting down or overwhelming key government services could impact Australia’s ability to respond to an emergency or cripple the country’s social safety net. The Australian government and private partners calculated that a four-week disruption to the country’s internet would cost $30 billion and result in a loss of more than 163,000 jobs.

Government departments and agencies need to migrate away from traditional detect and respond security practices in favour of a more proactive threat protection strategy that protects against increasingly sophisticated malware threats such as zero days, watering hole attacks and drive-by downloads.

Government organisations also need to prevent spear phishing and other credential theft attempts and enforce security updates. And they need to do this while reducing security complexity and the time spent on manual security tasks.

As we’ve documented many times before, accomplishing this with legacy security approaches is impossible. Instead, government organisations need to embrace internet isolation as a way to keep critical infrastructure safe from cyber attacks.

Isolation-powered security creates a protective layer around users as they navigate, blocking not only known and existing threats but unknown and future threats, too. Rather than responding to attacks after the fact, IT teams can prevent them from reaching workers in the first place.

This removes a big burden from the shoulders (and the to-do lists) of security teams and agencies can eliminate the ability for web and email-based malware to infect, spread and harm the ecosystem.

As cyber security threats grow in volume and sophistication and potential outages increase in impact, Australian government organisations are facing new security challenges.

Using isolation security to prevent malicious actors from accessing the end point and spreading from there to the rest of the network is a cost-efficient and highly effective way to meet these threats and reduce security risks. 

Stephanie Boo is vice president, APAC, Menlo Security.

Op-Ed: As cyber attacks continue to threaten Australia, government organisations need to fight back
asd-capabilities-cyber-crime_37fb.jpg
lawyersweekly logo

more from cyber security connect

Jul 28 2021
Iranian hackers pose as female to honeypot defence contractor
An Iranian linked hacking group spent years cultivating a Facebook profile to target a defence contr...
Jul 28 2021
Aus Cyber Security Centre unveils new foreign supply-chain guidelines for businesses
If there’s anything that recent cyber security attacks have taught the industry, it’s that even ...
Jul 28 2021
RMIT unveils plans to launch supercomputing facility, first Australian university to reach milestone
Melbourne’s RMIT has unveiled a plan to be Australia’s first university to launch a cloud superc...