How to boost your cyber defence capabilities

By Greg Gale, National Security Officer, Microsoft Australia

Is Australia becoming its own worst enemy when it comes to addressing cybersecurity?

This might seem an odd question considering the growing number of external threats directed toward our country. But to resolve these challenges we need focus. We need action. We need a simple approach to tackling complex issues so everyone can follow.

It’s possible to argue government, industry, and academia have been doing the opposite. We’ve seen countless initiatives and agencies launched to resolve cybersecurity issues, while a swathe of investments are made in boosting capabilities at a national and state level.

While these are all welcome and much needed steps in the right direction, we’re on the cusp of seeing cybersecurity confusion reign supreme. For example, with so many different agencies and operation centres, how do we know who is responsible for what? And as new solutions are made available, how can businesses best decide what to prioritise? How does business, critical infrastructure, and government for that matter, know who to contact if they need help? The challenge is that if it is not clear, most organisation contact no-one and suffer as a result.

Before businesses tackle actual cyber threats, we’re creating scenarios where they must first navigate a complex web of distractions. That’s not ideal when success is judged on how they respond to cybersecurity attacks, rather than what they could have done to prevent them. In the aftermath of major cybersecurity breaches the question is always asked, why weren’t the affected organisations better prepared? Subject matter experts then crow about how easy the events are to protect and defend against, but even they don’t all agree and often conflict with each other. This further adds to the confusion of organisations.

Cybersecurity should be as simple as how you go about protecting your property or car against stealing, break-in or damage. Instead of building strategies for each individual threat, we should focus on the overall protection we need. In the home that might be simply locking the door at night, or storing irreplaceable and invaluable items like photos on digital platforms.

It’s for this reason that Microsoft is calling for a renewed and refreshed approach to addressing cybersecurity in Australia.


How to build long-lasting cybersecurity partnerships

Cybersecurity is a threat to us all, and many organisations are facing similar challenges. Not only are we facing the same kinds of threats, depending on the scale of a particular cybersecurity event we could be actually dealing with the same event. This means there’s much value to be had from sharing local and international learnings.

Considering the sensitive nature of exchanging these insights, it’s easy to understand why there might be reservations. In circumstances like this, the best partnerships often begin as ad-hoc collaborations that later transform into formal, strategic initiatives once trust has been established between all parties.

Sustaining these ad-hoc efforts in a structured way requires careful consideration of what, when, how and why information is shared to ensure the outcomes are mutually beneficial. This is achieved by building partnerships around answering the following questions:

  • Who should be involved? What individuals or departments need to share information, and who can resolve issues. Being clear on roles and responsibilities, and giving insights and access accordingly, means issues can be addressed quickly and securely.
  • What data will be exchanged? Sharing data outside an organisation can create a number of privacy and civil liberty concerns, such as how will information be stored, to what extent can it be linked to individuals and what details it reveals. Factoring these considerations into the creation of new partnerships must be one of the first steps.
  • What communication and collaboration platforms are needed? Now we know what information will be exchanged, organisations must create models and methods that satisfy privacy and security requirements. For instance, are the necessary firewalls or communication channels in place, and does storage comply with legislation?
  • How will success be measured? All parties need to agree on the overall aims and objectives of the partnership. How will success be measured to ensure the collaboration is long-lasting and has a positive impact?

Why AI has an important role to play in cybersecurity

The intelligence gathered through these partnerships is critical to keeping networks safe. It can even point to what attackers might do in the future based on previous activities across sectors. This empowers businesses to achieve the holy grail of cybersecurity – addressing potential problems before they emerge.

Emerging technologies like machine learning, Internet of Things and artificial intelligence are a fundamental component of predictive capabilities. They make the threat-detection process more intelligent, asking questions such as: “What could a bad actor exploit in the current environment?” or “What’s the potential impact on the availability of critical resources?”

These solutions can automatically scan websites to identify common threat indicators based on previous breaches, empowering organisations to proactively resolve threats before they become a problem.

Unfortunately, many hackers already have these intelligent capabilities and are using them to gain advantage in a multitrillion-dollar industry. What’s more, they’re working together in ways we’ve never seen before, sharing information and undertaking coordinated attacks.

So it’s even more important for government, industry and academia to respond in a unified way – one that‘s rapid, intelligent and eventually proactive. The cybersecurity threat is already real and will continue to grow. We need to act now.


Tags Microsoftpassword protectionattackscyber threatsMicrosoft Australiaweak usernamesAustralian Cyber Security Centre

Show Comments