Why every business needs a trusted advisor for cyber security

By Mark McWilliams

Australian businesses are increasingly turning to information technology solutions to improve their performance. Whether it be helping to reduce cost, improve revenue or connect more effectively with customers and suppliers, IT offers business many benefits. Connectivity between people, systems and processes is creating new, low-friction, efficient ways of doing business, which enhances the productivity of Australia. An alarming growth in the sophistication and persistence of cyber criminals threatens to reduce the benefits from this technology investment.

Cyber-crime has become a very lucrative business. It’s very hard to put an exact number on the direct cost to Australia of successful attacks, as direct losses are often held away from public scrutiny. In 2015 global cyber-crime is estimated to cost the economy $500 billion and by 2019, if current trajectories continue, it will become a $2.1 trillion problem. In the fifth year of producing their “Cost of Data Breach” study, the Ponemon Institute estimated that the cost per compromised record in Australia is $145. Malicious attacks, which make up 46% of compromised records, have the highest cost at $161 per record. And the average total cost paid by an Australian company to resolve a successful attack is $2.8 million.

In many instances Australian businesses who have responded well to getting their businesses up online have not adequately prepared themselves to fend off a targeted attack from an organised threat actor. DistributeIT collapsed within weeks of a sustained and coordinated attack leaving thousands of businesses that relied on them dead in the water. In many instances, Australian businesses are not even equipped to detect malicious activity on their systems, let alone respond in a coordinated fashion. And even if an attack is detected, using the limited resources available to the company from both a technology and people perspective, attacks take a long time to sort out – on average 243 days.

At Datacom we take a holistic approach to helping corporate Australia protect its digital assets. From an IT infrastructure perspective we have skilled people in every geography with trusted technology vendor partners who can deploy point solutions to help ward off malicious attacks.

In 2010 we established a high-end security consultancy, staffed initially with people from the defence intelligence community. This team, motivated by altruistic intent to protect Australia from malicious attacks, delivers industry-leading cyber security advice on culture, policy, practices, people and technology. They recognise that deploying technology alone is not the answer to this very real global threat. This team undertakes some really interesting work on behalf of its clients. One of the most interesting, and provoking, engagements is called a “Red Team Event”. In a red team event the CIO or CISO will engage and set an objective for the team to reach within the digital borders of the business. The business’s IT folk are not given any warning of the event so they are not operating in a state of heightened awareness. In almost every case our team has managed to retrieve the targeted digital asset. In some cases they have managed to achieve full system administrator rights to whole IT environments, which could, if acted upon, cripple significant Australian businesses.

Unfortunately it is neither practical nor operationally possible for Australian businesses to adequately protect themselves online. From a practical perspective, good IT security professionals are incredibly hard to find and expensive. And operationally, even if you could find a good person, one is not enough. Threat actors work 24×7, are incredibly well resourced, and are ready to strike when nobody is likely to be watching, often using techniques which are so new a single security person has no hope of keeping up. In response to this dilemma Datacom’s Technical Security Services business has established a service offering where a team of seasoned professionals is available 24×7 to detect and respond to security events within Australian businesses.

Cyber security is a growing business for all the wrong reasons. Currently the threat actors are winning as business plays catch-up. Developing the resources and skills internally is out of reach for all but our very largest corporations. Leveraging the skills of trusted partners that can aggregate learning and watch multiple electronic borders simultaneously is the only effective way of accelerating the response to the growing cyber threat.

Mark McWilliams has an in-depth knowledge of the technology market and is the Director for Datacom Investments.