“To build cyber resilience you need to have a strong technology partner that can help you build a vision and advise you not only on the best technology choices but how to address the Processes and People part of the cybersecurity equation.” David Stockdale, The University of Queensland
With the COVID-19 pandemic pushing employees to switch to remote working and forcing business operations to go online in record time, cybersecurity has become a top priority for many Australian organisations.
However, as a consequence of this accelerated push to work from home, we've seen the same challenges arise as key cybersecurity concerns: vulnerability patching, management of mobile devices and multi-cloud environments, and cyber fatigue.
This is what the findings from our recent CISO Benchmark Study revealed, and it is a reality that many of our Australian customers experience:
- Cybersecurity has become a top priority for 91% of Australian executive leadership teams, but complexity is on the rise
- Australia is lagging far behind other countries in terms of vulnerability patching, with 59% of Australian respondents reporting an incident caused by an unpatched vulnerability
- Australia is also struggling to keep mobile devices secure, as well as data in public and private cloud infrastructure, with 65% finding mobile devices very or extremely challenging to defend
- Australians consider data in the public cloud and private cloud infrastructure to be top security challenges in 2020, along with managing multi-security vendor environments
- As a result, 58% of Australian respondents said they feel cyber fatigue.
Throughout the pandemic, Cisco has made it a priority to help our Australian customers shape cybersecurity strategies that address those challenges, enabled by technology.
As our customers JLL and University of Queensland pointed out in a recent roundtable, the key is to consider a holistic approach that includes people, processes and technology, and create a shared responsibilities framework.
Mark Smink, Chief Information Security Officer for Asia Pacific, JLL, highlighted how they transitioned to work from home: “The strategic choices we made to invest in a secure cloud infrastructure to power our remote workforce around APAC a decade ago, along with the holistic cybersecurity strategy we built in collaboration with Cisco’s experts, is what helped us seamlessly adapt to the new reality brought by the COVID-19 pandemic.”
David Stockdale, Deputy Director, Information Technology Services, The University of Queensland, also shared the visionary aspect of cybersecurity, with a cohesive philosophy:
“To build cyber resilience you need to have a strong technology partner that can help you build a vision and advise you not only on the best technology choices but on how to best address the Processes and People part of the cybersecurity equation.”
With all of this in mind, here are some practical recommendations for Chief Information Security Officers (CISOs) to improve their cybersecurity posture.
Five recommendations for the 2020’s CISO
- Focusing on cyber hygiene and employee awareness programs – such as shoring up defences, updating and patching devices, and conducting drills and training
- Implementing a zero-trust framework to build security maturity
- Employing a layered defence that includes MFA, network segmentation, and endpoint protection
- Adopting an integrated platform approach when managing multiple security solutions to reduce complexity and alert overload
- Gaining the highest levels of visibility to bolster data governance, lower risk, and increase compliance.
Building off the worldwide recommendations, there are further insights for Australian CISOs and the steps they can take to build a comprehensive cybersecurity strategy.
Top 10 questions for Australian CISOs to consider
Building a cybersecurity strategy that addresses today and tomorrow’s challenges requires identifying:
- Who in your organisation provides executive support?
- Which metrics matter most: Time to detect or time to remediate?
- The right balance for spending on trust verification and threat detection
- The business impact of security breaches
- Collaboration benefits between networking and security
- Challenges preventing you from protecting the mobile workforce (user) and defending network infrastructure
- How to extend zero trust to secure applications
- The positive impact of vendor consolidation
- The causes of your cybersecurity fatigue and burnout
- How much focus should be placed on incident response?
Cisco experts are working with organisations all around Australia to help them shape what their cyber posture for the 2020s should be, and to build stronger cyber capabilities and cyber resilience.