With the recent cyber-attacks on Medibank and Optus grabbing headlines and affecting millions of Australians, cybersecurity has been pushed to the head of the queue as the key risk Australian business and government are worried about.
Unfortunately, it’s not going away any time soon either with all indications suggesting cybercrime is on the rise. The State of Ransomware in Australia 2022 report released recently by global security leviathan Sophos, revealed that 80 per cent of Australian respondents were hit by ransomware in the last year.
This represented a marked increase from 2021 and disturbingly the average bill to recover from an attack was over $1.5 million, the Sophos report says.
Managing director of Sophos in Australia and New Zealand, John Donovan, says what the Optus and Medibank cases as well as recent attacks on Woolworths and even the Department of Defence indicate is no one can escape the insidious reach of cybercriminals whether they be organised gangs or nation states.
“Obviously Optus, Medibank and others have the very best (security) tools and resources but based on the evolution of the hacking we are seeing, they’re still susceptible to attacks,” Donovan says.
“It’s gone beyond traditional kinds of brute force attacks into exploitation of zero-day threats and then supply chain attacks as well.”
Donovan says as more companies integrate their systems with other organisations on a B2B basis, hackers can exploit a weakness in one organisation’s systems to gain access and then insinuate themselves into every entity across the firm’s entire supply chain.
Put bluntly, Donovan says threats faced by larger organisations are replicated at the small- to medium-sized enterprise (SME) level and small business as well.
The problem for SMEs is, unlike larger organisations, they don’t have the resources to detect these cybersecurity breaches early and even if they did, “it’s very difficult to prevent these sorts of attacks anyway.”
As many businesses don’t have the resources to fortify their cyber defences.
“Firms often have firewalls from one vendor, and email security and endpoint security from another,” Donovan says.
Many businesses don’t have the resources to fortify their cyber defences.
“They recommend an approach to provide organisations with an 24/7 MDR service that provides advanced threat management including alert and response services over the top of the products and third-party devices the customer is already using,” Donovan says.
Australian owned global food and retail packaging manufacturers, Detmold Group, found – like so many businesses – that it needed to re-evaluate its entire cybersecurity apparatus after COVID hit as the way people worked was transformed overnight.
The company’s group manager – technology, Mark Render says the security tools in place at the time weren’t fit for purpose because “suddenly we needed to allow people to use their own home devices who were dialling in on our VPN across a network of uncontrolled end-user environments.”
Render says the company’s security reorganisation involved setting up a series of side-by-side tests for potential vendors.
“Sophos proved to have the best functionality on the market and was the only vendor to stop every permutation that our testing put in front of it,” says Render.
“From there, it was simply a commercial exercise, one Sophos also delivered on, providing the equivalent coverage and workload of six fulltime staff for the cost of less than one,” Render says.
He says Sophos helped Detmold Group to tailor its response to cybersecurity threats “whether it is something we must change architecturally, procedurally or with our respective security partners.”
Donovan says a big part of the MDR service is running cybersecurity health checks regularly that look for weaknesses in security as well as offering clients like Detmold Group advice on how they can harden up their defences.
“This goes beyond traditional services-based security and provides clients with a fuller service offering,” Donovan says.
“More pertinently, most businesses don’t have the resources, can’t find the talent, or don’t have the access to the data or intellectual property that might enable them to manage security effectively.”
For Donovan, the Sophos’s MDR service is also a way for companies to mitigate against the global skills shortage in the cybersecurity sector until the nation’s skillset in the sector is raised.
“By outsourcing cybersecurity needs to MDR-style services, organisations can run something they would never have enough resources to do themselves. It makes a lot of sense.
“In the meantime, business and government can continue investing in the skillsets through TAFE and other services to ensure we can build out our long-term capability as well as bring more skilled people into Australia, which will be beneficial to us all in the future.”