Story image

BlackBerry think tank report delves into Australia's state of security

07 Mar 2017

A new think tank report by BlackBerry says that Australia’s cyber risk is changing all the way down to infrastructure and even to the people behind it.

With digital attacks increasing and the potential price tag reaching around $2 billion per year, the report aimed to find out the varied challenges we face in the future and how to develop better risk management strategies. 

The report, titled ’Is your organisation ready for a crisis? The future of security in Australia’, drew on opinions from Australia’s top executives, including Former US Ambassador to Australia; Jeffrey Bleich, John Durbridge, head of campus security at Macquarie University; Jetstar CIO Claudine Ogilvie, Craig Davies, CEO of Australian Cybersecurity Growth Network; and Rex Stevenson, former Director General for the Australian Secret Intelligence Service.

The first major challenge is how government and private enterprise come together to collaborate. The foundation is there, but the next steps need to be taken, says BlackBerry’s VP of Government Solutions, Sinisha Patkovic.

“There are some considerable challenges in bringing government and private enterprises together when it comes to cybersecurity. Everyone has a slightly different expectation and view about what a nationally coordinated approach would look like. Fortunately, I think Australia already has a lot of the right foundations in place for such collaboration, it’s now about taking the next steps,” he says.

According to the report, the next steps could be about educating Australians about cyber protection, improving dialogue between government and enterprise, particularly breach reporting, better government transparency about emerging and likely cyber attacks, and closer collaborations between private organisations themselves.

Organisations are also facing a rapid scramble to arm themselves against attacks and protect their networks, the support says.

“At times it really does feel like an arms race. The better we get at finding countermeasures, those countermeasures then become a training ground for adversaries to find better exploits. As a company, you need be methodical about removing classes of threats completely. Keeping focused on the root cause is very important,” comments Dr Liming Zhu, CSIRO’s research director of Software and Computational Systems.

The report also talks about ‘script kiddies’, hackers who use off-the-shelf DDoS products to bring down organisations. While most participants weren’t specifically concerned by these attacks, it does show that organisations must be vigilant.

Participants were also concerned about IoT security, but those connections can also better protect cities.

“The notion that people think differently in the virtual and physical world is a fiction. We need to observe human nature and apply this to both spheres, where we are now operating simultaneously,” Bleich comments.

The human factor is also addressed in the report.

“Unless security is driven from the very top of the organisation, you’re not going to get any real change. The CEO needs to get behind it and push it, otherwise all of your effort trying to change the rest of the organisation is lost. You need the commitment right through the organisation, but it needs to start with the most senior executives,” Stevenson says.

The think tank came up with four ways that the ‘human element’ to security can be overcome: Educate and test employee adherence to security strategy; design strategies for the people, not the product; and maintain awareness of how behaviour patterns shift over time. 

Why 'right to repair' legislation could be a new lease on life for broken devices
“These companies are profiting at the expense of our environment and our pocketbooks as we become a throw-away society that discards over 6 million tonnes of electronics every year.”
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
SAS partners with NVIDIA on deep learning and computer vision
“By partnering with NVIDIA, we combine our strengths to augment human intelligence and realise the true potential of AI.” 
Why businesses must embrace automation to ensure success
“For many younger workers, the traditional view of a steady job at one company, perhaps for life, simply doesn’t reflect reality."
Dropbox invests in hosting data inside Australia
Global collaboration platform Dropbox has announced it will now host Australian customer files onshore to support its growing base in the country.
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
How Cognata and NVIDIA enable autonomous vehicle simulation
“Cognata and NVIDIA are creating a robust solution that will efficiently and safely accelerate autonomous vehicles’ market entry."