Aussie approach to cyber security outdated
Australia is in desperate need of a new generation of cyber security professionals, according to a new report from the Australian Strategic Policy Institute, who says the country is currently ill-equipped to manage cyber security threats.
According to network security firm Palo Alto Networks, Australia needs cyber security specialists that will move beyond outdated approaches to cyber security, and who will put prevention at the heart of it.
"Cyber security training still largely consists of a traditional approach, which is primarily focused on reacting to attacks," says Armando Dacal, regional vice president – Australia and New Zealand, Palo Alto Networks.
"The focus needs to shift away from reaction towards prevention. It's a fundamental change in thinking and we need it to put ourselves ahead of emerging threats," he says. "The future of cyber security lies with the next generation."
Palo Alto Networks says this sentiment echoes that of the Federal Government's eSafety Commissioner for Children, Alastair MacGibbon, who has been quoted as saying that more young Australians need to consider careers in cyber security to help build a 'human firewall' against online attacks.
Decal says traditional cyber security approaches are less effective as the technology and strategies used to mount a cyber attack evolve, and the number of potential endpoint vulnerabilities rapidly expand with the explosion of connected devices.
"For example, advanced threats take advantage of new ways of accessing applications, leveraging them for unauthorised network access," he says. "They can tunnel into applications, hide within SSL-encrypted traffic, and use unsuspecting targets to get a foothold within the network and execute malicious activity.
This is why security infrastructure that can prevent threats before they turn into full-blown attacks are becoming increasingly important, Dacal explains. "Such threat prevention platforms require multiple layers of security. These layers should be able to confront threats at each phase of an attack," he says.
While there is increasing awareness of cyber security among today's workforce, Dacal says it is still largely based on traditional cyber security measures, which are fast losing their potency against new threats. As such, much cyber security education falls short.
"We need to educate ourselves and our children about new cyber threats and threat prevention to improve our security approach now and into the future," he explains.
"For the next generation, updated cyber security training means they will enter the workforce with an established grounding in how to develop and maintain a healthy, proactive security posture.