If 2020 showed us anything, it’s that organisations — big and small, public and private, for profit and non-profit — need to be prepared for anything.
High profile data breaches in 2020 impacted organisations across Australia, including the Marriott, the University of Tasmania, and Transport for NSW, reminding us that cyber criminals continue to prey on cyber security vulnerabilities - especially as users continue to access sensitive data and applications from outside the network perimeter.
Recognising the threat, the Australian federal government released a new cyber security strategy in August 2020, providing proposed amendments and regulatory framework to the Security of Critical Infrastructure Act 2018.
Central to the proposal is the expansion of the industry sectors the government considers “critical infrastructure”. Joining banking, health and transportation is the government services sector. And, it’s easy to see why. In a 12-month period between July 2019 and June 2020, the Australian government was the target of more than 400 cyber attacks — approximately one-third of all documented cyber-attacks in Australia. In fact, IBM Security estimates that 13 per cent of all global cyber attacks are state-sponsored.
Shutting down or overwhelming key government services could impact Australia’s ability to respond to an emergency or cripple the country’s social safety net. The Australian government and private partners calculated that a four-week disruption to the country’s internet would cost $30 billion and result in a loss of more than 163,000 jobs.
Government departments and agencies need to migrate away from traditional detect and respond security practices in favour of a more proactive threat protection strategy that protects against increasingly sophisticated malware threats such as zero days, watering hole attacks and drive-by downloads.
Government organisations also need to prevent spear phishing and other credential theft attempts and enforce security updates. And they need to do this while reducing security complexity and the time spent on manual security tasks.
As we’ve documented many times before, accomplishing this with legacy security approaches is impossible. Instead, government organisations need to embrace internet isolation as a way to keep critical infrastructure safe from cyber attacks.
Isolation-powered security creates a protective layer around users as they navigate, blocking not only known and existing threats but unknown and future threats, too. Rather than responding to attacks after the fact, IT teams can prevent them from reaching workers in the first place.
This removes a big burden from the shoulders (and the to-do lists) of security teams and agencies can eliminate the ability for web and email-based malware to infect, spread and harm the ecosystem.
As cyber security threats grow in volume and sophistication and potential outages increase in impact, Australian government organisations are facing new security challenges.
Using isolation security to prevent malicious actors from accessing the end point and spreading from there to the rest of the network is a cost-efficient and highly effective way to meet these threats and reduce security risks.
Stephanie Boo is vice president, APAC, Menlo Security.