The Australian Government has recently signaled its intent to mandate the Essential Eight mitigation strategies for almost all federal departments and agencies. Since 2013, non-corporate Commonwealth entities have been required to undertake an annual self-assessment; however, a report published by the ANAO in March this year indicated weak self-reporting results.
According to Rylan Painter, SOC Manager and ex-Defence Cyber Threat Intelligence lead, getting the basics right first is often the best way for Queensland businesses to reduce the threat against their own networks – and is a critical component of securing Australia’s networks too.
“Whether we’re dealing with Private or Public Sector businesses, it’s clear the common risks are similar. We’re seeing organisations being compromised by recently disclosed vulnerabilities due to the protracted patch cycles experienced by most medium to large networks. These vulnerabilities are often exploited within days of being released and are targeted by a range of cyber threat actors of differing levels of sophistication.
“When you hear ‘sophisticated threat actor’, it is often misinterpreted as cyber threat actors that exclusively use sophisticated zero-day exploits that have never been seen in the wild. But most of the time, they’re using the same ones that are available on open-source repositories such as GitHub, or talked about on Twitter, because they work.
“The real definition of sophistication for these actors is in the way they employ those same publicly available exploits in their broader attack lifecycle in a short time period. Threat actors are quickly weaponising publicly disclosed proof-of-concept exploits for recent vulnerabilities, then targeting victims on a global scale to get ahead of delayed patching rollouts,” says Painter.
It goes without saying that CIOs and CISOs are facing their greatest challenge in balancing cyber security investment with other operational resources. Unfortunately, the catalyst for change and escalation of cyber as a strategic priority is often driven through direct or observational proximity to a compromise.
Rylan believes that there are four key necessary actions:
“SOCs go through different stages of evolution, some taking five years to reach their desired state of maturity. Leveraging an external cyber security team to augment existing capability in a scalable way is the best way to get started. Look at what SOC capabilities are most important to your organisation to reduce cyber risk – and start there,” says Painter.
Now one of Queensland’s fastest growing businesses, Equate Technologies has successfully enabled hundreds of leading Public and Private Sector organisations to operate more securely through the provision of fully scalable Cyber Security, Risk and Integrated Security solutions.