Op-Ed: Why our defence sector needs a different approach to cyber security

Australian government spending to mitigate potential cyber attacks and threats has been bolstered in recent years with the creation of “cyber sprint teams” within the Australian Cyber Security Centre (ACSC), increasing coverage of security vulnerabilities across government systems, as well as the creation of the Cyber Security Response Fund.

This all comes in the wake of last year’s setback for the government when a major attack on systems caused havoc, and a subsequent proactive and coordinated upscale of systems followed.

Modern government and defence forces have become increasingly reliant on information technology. Equipment and software underpin everything from planning and management, and now even in-the-field combat and unmanned patrol aircraft.

Until last year’s spending announcement, cyber defences were somewhat struggling to keep up with the constantly evolving threat landscape. Any successful attack could leave systems dysfunctional and the country exposed.

Growing interconnections

Much of the cyber security challenge stems from the fact that increasing numbers of devices and systems are being interconnected every day. This means that a vulnerability on one can allow an attacker to gain access to others.

Everything from the power grids and water treatment plants to defence equipment and weaponry is increasingly becoming internet connected. There are now devices with inbuilt surveillance and intelligence capabilities that stream information in real time. Such devices are becoming a vital component in any war or defence effort.

Defence force leaders are recognising the need to protect these systems. They also need to have the capability to recover them quickly should a cyber attack take place.

VIEW ALL

The important role of backups

With the amount of data being generated and used by defence forces growing every day, ensuring this data is secure at all times has become critical. Production systems need to be fully and regularly backed up so that, if one is compromised, the data is not lost.

Unfortunately, achieving accurate and complete backups is often not an easy task. The job is made difficult by two particular factors: the presence of legacy solutions and extensive data fragmentation.

Many of the systems being used within Defence were designed and deployed many years ago. This often means they are not compatible with current backup systems and require complex workarounds.

At the same time, systems were often designed to store their own data rather than make use of a central resource. This means that there ends up being multiple data stores that must be backed up individually, and this makes the process of restoring systems after an attack particularly difficult.

A better approach

Taking a more holistic approach to data backups will assist our defence forces in becoming more cyber resilient. There are a number of steps that should be taken, and these include:

• Remove data fragmentation: By making use of centralised data stores, it becomes much easier to spot the early signs of a cyber attack. It also makes it much easier to get critical systems operational following an incident. Take the time to review all data stores and work to bring them together.
• Deploy a robust backup system: The selection of an appropriate backup system is a critical step. Ensure it can cope with existing volumes of data as well as expected growth in coming years. A good system will offer a high degree of automation to ensure that all data is captured on a regular basis.
• Install software patches: Software vulnerabilities are a key way cyber criminals gain access into systems to mount an attack. Constantly review all software and ensure patches are applied as soon as they are released.
• Restrict access: Require different credentials to access backups from production systems. This provides an additional layer of security and ensures they can only be accessed by those in authority.
• Train staff: While IT teams may be aware of security issues, many other people within the organisation may not. Take the time to run training sessions to highlight the risks and the steps people can take to minimise them.

Resilience is key

The spending announcement last year followed some significant cyber security incidents in Sydney and Melbourne in recent years and a concerted effort for Australia to be prominent in the Pacific, where China is figuring more regularly and expanding its influence. But the bottom line is that the more barriers there are between an infected system and its backups, the harder it will be for a cyber criminal to gain access.

Over the next four years, $41.7 million will be invested to pilot skills in organisations across the nation in human services care and digital technologies, including cyber security. But if the humble backup is adhered to, modern best practices are implemented as standard and our defence forces take the time now to assess and improve their backup strategies, the result will be a much more resilient position to not just defend themselves, but the country at large, too.

Unfortunately, it’s not so much a question of whether a new attack will occur but when. For this reason, having the ability to recover and continue operations rapidly is vital – especially in the area of defence. The training initiatives planned are a superb and important step in initial resilience.

Whether you’re a government or a business, backups and data protection are a critical part of ensuring an organisation is fit to withstand an attack, but can also quickly recover when one occurs.

Steve Coad is Cohesity country manager for Australia and New Zealand. Based in Melbourne, he is responsible for accelerating adoption of the company’s disruptive software that empowers enterprises to back up, manage and extract value from their data across on-premises, cloud and edge environments.

Coad is an industry veteran with more than 25 years of sales management and leadership experience. During this time, he has been responsible for successfully establishing market entry for new companies and products as well as accelerated regional sales momentum across the Asia-Pacific region for companies including Cisco, EMC, VMware, Aruba Networks, Good Technology and IBM.