Better prepared: Effective security planning
Head of Security Services at Telstra BTS, Stuart Low, shares his thoughts on the state of Australian security preparation.
As part of our Telstra Security Report 2018, over 1250 security professionals told us that they were implementing a range of complementary preparedness programs within their business.
The priorities of organisations in Asia and Europe are very similar to those in Australia, with security audits the highest ranked priority by almost 40% of respondents. This was closely followed by activities such as risk assessments and awareness programs.
Are you prepared?
The first step to effective preparation is knowing what you have to protect, understanding the value of these assets, and putting in place the architecture, both organisational and technical, and the controls to ensure they stay safe. A framework like the Five Knows of Cyber Security can help you work through the right architecture for your business.
Coupled with your protective architecture, you need a detection architecture that allows you to identify threats quickly. This program focuses on monitoring what happens throughout your organisation and promoting visibility.
The final step is your incident response plan, which is fundamentally a matter of knowing who has to do what, and when, in the event of any kind of security breach. Regular rehearsal is the key to an effective response plan: staff need a clear idea of their roles and responsibilities in the event of a breach. Effective desk rehearsals also build your staff’s ability to cope with the unexpected and think on the fly.
Around the world, new privacy legislation, such as the Notifiable Data Breaches amendment to the 1988 Privacy Act and the European Union’s General Data Protection Regulation (GDPR), is requiring organisations to rethink their governance, risk management and compliance architecture.
The GDPR, in particular, requires organisations that handle the personal data of EU citizens to appoint a data protection officer and to maintain detailed documentation of how that data is protected.
Effective preparedness programs
Alongside the headline-grabbing data breaches of the last few years, this wave of legislation has made security a focus throughout the C-Suite, with our report finding that, compared to 2017, Australian organisations are wholeheartedly supporting a wide variety of security preparedness programs.
Security audits remain the most common program, with 38% of Australian respondents undertaking one at the time of the survey. This is encouraging, but while many organisations are comfortable running security audits, which provide a snapshot of a given point in time, few have moved towards a continuous compliance program that equips them to react to their changing business and security environment.
Between the proliferation of connected devices and increasing end-user confidence in adopting unapproved software and applications, it’s more important than ever before to put in place a sustainable workflow for keeping your device and software inventories up-to-date and accurate.
This can be particularly important for Internet of Things devices, which can be difficult to gain visibility over and become a prime threat vector if left unpatched.
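One concrete piece of the inventory workflow described above is a reconciliation step: compare the approved inventory against what a discovery scan actually reports, and flag unknown devices, unapproved software and IoT devices running firmware below the approved minimum. The following is an added example and not Telstra's code; the inventory and scan data are constructed, and the device names, software names and firmware versions are invented.

```python
"""Reconcile an approved asset inventory against what a discovery scan observed.

Added example; the APPROVED and OBSERVED records below are constructed, not real data.
"""
from dataclasses import dataclass


@dataclass
class Finding:
    host: str
    kind: str    # unknown_device | unapproved_software | outdated_firmware | missing_device
    detail: str


# Approved inventory as a change-controlled record would hold it (constructed).
# IoT devices carry a minimum acceptable firmware version as a (major, minor, patch) tuple.
APPROVED = {
    "fin-laptop-01": {"class": "laptop", "software": {"office", "vpn-client"}},
    "cam-lobby-02":  {"class": "iot-camera", "software": set(), "min_firmware": (2, 4, 0)},
    "hvac-ctrl-07":  {"class": "iot-controller", "software": set(), "min_firmware": (1, 9, 3)},
}

# What a discovery scan reported (constructed sample): one unapproved package,
# one camera on old firmware, one device nobody approved.
OBSERVED = [
    {"host": "fin-laptop-01", "software": {"office", "vpn-client", "file-sync-freeware"}},
    {"host": "cam-lobby-02",  "software": set(), "firmware": "2.3.1"},
    {"host": "hvac-ctrl-07",  "software": set(), "firmware": "1.9.3"},
    {"host": "printer-xyz",   "software": {"print-server"}},
]


def parse_version(text):
    """Turn '2.3.1' into (2, 3, 1) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def reconcile(approved, observed):
    """Return the list of discrepancies between the approved inventory and the scan."""
    findings = []
    seen = set()
    for dev in observed:
        host = dev["host"]
        seen.add(host)
        record = approved.get(host)
        if record is None:
            findings.append(Finding(host, "unknown_device", "not in approved inventory"))
            continue
        # Software present on the device but absent from its approved set.
        for pkg in sorted(dev.get("software", set()) - record["software"]):
            findings.append(Finding(host, "unapproved_software", pkg))
        # IoT devices: missing or too-old firmware is a patching gap.
        if "min_firmware" in record:
            fw = dev.get("firmware")
            if fw is None or parse_version(fw) < record["min_firmware"]:
                findings.append(Finding(host, "outdated_firmware", f"observed {fw}"))
    # Approved devices the scan never saw deserve a follow-up too.
    for host in approved:
        if host not in seen:
            findings.append(Finding(host, "missing_device", "approved but not observed"))
    return findings


def summarise(findings):
    """Count findings by kind, the figure a preparedness report would track over time."""
    counts = {}
    for f in findings:
        counts[f.kind] = counts.get(f.kind, 0) + 1
    return counts


if __name__ == "__main__":
    for f in reconcile(APPROVED, OBSERVED):
        print(f"{f.kind:20} {f.host:15} {f.detail}")
    print(summarise(reconcile(APPROVED, OBSERVED)))
```

Running the reconciliation on every scan, rather than once a year, is what turns a point-in-time audit into the continuous check the text describes; the count per finding kind is the number worth trending.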
Security audits were followed by risk assessments and cyber security awareness programs (36%), a clear response to the increased prevalence of socially deceptive attacks in Australia, such as Business Email Compromise.
Anticipating the unexpected
In our 2018 report, 76% of Australian businesses estimated that the number of breaches which had gone undetected in their organisation had increased to 55%. A key driver of this problem is the difficulty of reacting to unfamiliar threats, given how hard it is to source and maintain up-to-date security skills in today’s rapidly changing landscape.
One way of preparing your organisation for the unexpected is by bringing in outside sources to act as a red team. Internal teams often fall back on rehearsal scenarios that deal with issues already on their radar and naturally find it difficult to consider as-yet unknown threat vectors.
This is where Telstra can help: uncovering weaknesses in an organisation’s security preparations and identifying ways they can be improved.
It’s important to check for weaknesses across the entire organisation, not just evaluate the preparedness of the security team.
We can, for example, test for awareness and resilience in the face of Australia’s most common threat, email compromise. Mock phishing emails use techniques similar to actual phishing scams: they are benign messages crafted to appear to come from a trusted source and entice staff to click through. Over time, statistics from this testing can reveal patterns of awareness throughout the organisation and indicate if and when further training is required.
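The "statistics over time" part of the paragraph above is where the value of mock phishing lies, so the following added example (not Telstra's service or code) shows the reporting side only: it aggregates per-department click and report rates across campaigns and flags departments whose click rate is above a threshold or did not improve since the previous campaign. The campaign results, department names and threshold are constructed assumptions.

```python
"""Summarise mock-phishing campaign results to find where awareness training is needed.

Added example; RESULTS is a constructed sample, not data from any real campaign.
"""
from collections import defaultdict

# One row per simulated message: (campaign, department, clicked, reported).
# Constructed: finance gets worse between campaigns, engineering improves.
RESULTS = [
    ("2018-Q1", "finance", True,  False),
    ("2018-Q1", "finance", True,  False),
    ("2018-Q1", "finance", False, True),
    ("2018-Q1", "finance", False, False),
    ("2018-Q1", "eng",     False, True),
    ("2018-Q1", "eng",     True,  False),
    ("2018-Q1", "eng",     False, True),
    ("2018-Q1", "eng",     False, True),
    ("2018-Q2", "finance", True,  False),
    ("2018-Q2", "finance", True,  False),
    ("2018-Q2", "finance", True,  False),
    ("2018-Q2", "finance", False, True),
    ("2018-Q2", "eng",     False, True),
    ("2018-Q2", "eng",     False, True),
    ("2018-Q2", "eng",     False, True),
    ("2018-Q2", "eng",     False, False),
]


def rates_by_campaign(results):
    """Return {campaign: {department: (click_rate, report_rate)}}."""
    # sent, clicked, reported per (campaign, department)
    totals = defaultdict(lambda: defaultdict(lambda: [0, 0, 0]))
    for campaign, dept, clicked, reported in results:
        t = totals[campaign][dept]
        t[0] += 1
        t[1] += int(clicked)
        t[2] += int(reported)
    return {
        campaign: {dept: (sent_clicked_reported[1] / sent_clicked_reported[0],
                          sent_clicked_reported[2] / sent_clicked_reported[0])
                   for dept, sent_clicked_reported in depts.items()}
        for campaign, depts in totals.items()
    }


def needs_training(results, click_threshold=0.25):
    """Flag departments whose latest click rate exceeds the threshold (an assumed
    target) or has not fallen since the previous campaign. Returns {dept: [reasons]}."""
    rates = rates_by_campaign(results)
    campaigns = sorted(rates)               # campaign ids sort chronologically here
    latest = campaigns[-1]
    previous = campaigns[-2] if len(campaigns) > 1 else None
    flagged = {}
    for dept, (click, _report) in rates[latest].items():
        reasons = []
        if click > click_threshold:
            reasons.append(f"click rate {click:.0%} above target {click_threshold:.0%}")
        if previous is not None and dept in rates[previous]:
            prev_click = rates[previous][dept][0]
            if click >= prev_click:
                reasons.append(f"no improvement since {previous} ({prev_click:.0%} -> {click:.0%})")
        if reasons:
            flagged[dept] = reasons
    return flagged


if __name__ == "__main__":
    for campaign, depts in sorted(rates_by_campaign(RESULTS).items()):
        for dept, (click, report) in sorted(depts.items()):
            print(f"{campaign} {dept:8} clicked {click:.0%}  reported {report:.0%}")
    for dept, reasons in needs_training(RESULTS).items():
        print(f"{dept}: " + "; ".join(reasons))
```

Tracking the report rate alongside the click rate matters: a department that clicks less but also reports less has not necessarily become more aware, only quieter, and the trend across campaigns is more informative than any single result.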
Our team of over 500 experts is able to help with security expertise across numerous disciplines, including security audits, governance and risk compliance across many standards. Being able to test and measure preparedness is just one way we’re able to assist organisations to stay secure.