itb-au logo
Story image

NSW government's new cyber security strategy

28 Sep 2018

Today, the NSW government launched its new cyber security strategy. The strategy is aimed at boosting public sector capability across government departments and agencies. It comes off the back of a call earlier this year by the NSW auditor-general for urgent action to improve the ability of state government agencies to detect and respond to cyber security incidents.

This is a step in the right direction for the government, which needs to take a more strategic approach when it comes to detection and response. But beyond the public sector, the same urgency should extend to non-government organisations as threats to cybersecurity and cybercrime continue to increase in Australia, costing the economy up to $1 billion a year.

Private sector at risk of cyber security attacks

There is an indication that all organisations are bracing themselves for the heightened threat environment. Earlier this year, the Notifiable Data Breaches (NDB) scheme marked a major step in policy which ensured that organisations improved their security posture. Implemented in February, the Office of the Australian Commissioner (OAIC) reported 63 data breach notifications in the first six weeks and 242 data breach notifications between 1st April and 30th June. Of these breaches, the healthcare and financial sectors were the hardest hit.

The OAIC’s reports are something we discuss frequently with customers. Organisations in many cases have either made the wrong start or do not know where to start when it comes to their security journey in order to detect and respond to attacks in a timely manner. The greatest thing about the NDB scheme is that it shone a light on the areas that organisations need to focus on. As well as this, it’s giving us some great insights into the types of attacks we are seeing in organisations and as a whole, we know where weaknesses are and what we have to work on.

The most recent report shows that nearly 60 per cent of breaches have been a result of malicious attacks, which organisations should be able to detect and prevent. 74 per cent entailed the theft of credentials, which should be easily preventable with multifactor authentication. 29 per cent of attacks were through phishing scams, which with greater education and training on cyber awareness across the organisation can be better managed. With these issues are being brought into the spotlight and organisations are becoming more aware of what the problem is, they’re already on their way to finding the right solution. 

Security visibility key to risk mitigation

In the current landscape, government departments and agencies are facing multiple challenges when it comes to defending their cyber security. The biggest problem is where to start. It’s a huge undertaking to gain visibility of the whole organisation and detect all types of attacks in the immediate. By taking guidance from the OAIC’s reports, organisations can focus on the crucial parts of their environment which are under threat and gain visibility in the right areas of the IT network.

When organisations implement a security information and event management (SIEM) platform, purely for compliance, this can take too long to identify threats. The best approach for any organisation is to take a risk-based approach to gain the right a level of capability in a timelier manner.

It’s not just about technology – people and processes are a major part in protecting an organisation’s cyber security. In parallel to technology, organisations need to develop security capability from a people point of view. This extends beyond IT professionals to all staff, who need to better their cyber security awareness. Automation and machine learning are changing the way teams are working. The heavy lifting can now be done by tools so that teams can focus on higher-value tasks and enhance the effectiveness of the organisations' cyber security.

Cyber security threat management traditionally focuses on cyber security controls in an organisation, but visibility needs to be expanded to all systems in an organisation. Phishing attacks are normally very difficult to detect using traditional security controls, so you need to look at the behaviour of systems and users in an organisation to detect more advanced attacks. With visibility of all IT systems and applications, you expand the lens of visibility. Applying more advanced technologies like behavioural analytics to a broader dataset will help improve cyber security.

The auditor’s new strategy for NSW calls out the need for government organisations to investigate what actually happened, not just the attack itself. For this, the right data will have to be inserted into the right platform. It won’t be long before we see other states adopt the same policies. Victoria has already embarked on a similar initiative and the federal government has invested $17 million into cyber security over the next four years.

While the NSW government is taking a step in the right direction, cyber criminals continue to adapt and get more sophisticated. We need to ensure we have the right recommendations and guidelines in place to enable the right security control methods. This is especially important in government, where ample sensitive data needs to be protected.

Article by Simon Eid, Area Vice President, A/NZ, Splunk

Story image
DDLS offers all courses remotely during COVID-19 lockdowns
“With Virtual Instructor-led Training, DDLS can provide training in the skills organisations require immediately, in order to maintain business momentum in these very troubled and demanding times.”More
Story image
Australian Govt teams up with Delv to release COVID-19 app
"The app is one of the best ways we will be able to get important information and updates to Australians as well as enable them to share important information with us during these difficult times."More
Story image
Pluralsight offers 7,000+ online tech courses free for April
In a bid to encourage online learners to stay home and upskill during COVID-19 lockdowns, Pluralsight, the enterprise technology skills platform, has made its 7,000+ courses available for free for the month of April.More
Story image
Interview: Barracuda decision-makers discuss public cloud security
Last month, Barracuda released a report outlining the security barriers organisations must overcome to adopt the public cloud, as studies reveal that security was the top concern for such organisations.More
Story image
How companies can stay secure while employees work from home
While working from home may seem like an easy solution for workers, the reality can be quite challenging for IT teams.More
Story image
InterSystems helps Aus laboratories in the fight against COVID-19
"InterSystems is proud to be helping SydPath, Austech Medical Laboratories, Goulburn Valley Health Pathology and other clinical laboratories, and we will continue making additional resources available to customers dealing with the pandemic.”More