2021: A Cybersecurity Review

What an absolutely manic year it’s been (two years if you’ve been living down in Melbourne). As we start to ease into Christmas, I thought I’d take a moment to reflect on the year of 2021 and what’s happened in the Cybersecurity space.

We’ve seen a noticeable upturn in the number of organisations investing in Cybersecurity, and in the dollars they are putting in. The drivers vary: having to comply with standards and frameworks (ISO, NIST, VPDSF, PCI, CPS 234, the Critical Infrastructure Bill, etc.), peer organisations being hit with ransomware and ending up in the news, responding to what's happening out in the wild, trying to reduce cyber insurance premiums, following recommendations from audits, or simply the board asking “What are we doing for security?”

COVID has certainly had its challenges and I hope everyone found some silver lining and came out of lockdown stronger. Lockdowns have shown how resilient we are when faced with many hurdles, and that we can handle whatever is thrown at us. It's great to see that the majority of organisations have adopted the ability to work from home. When lockdown first kicked in last year we saw an immediate increase in the adoption of security programs, with one client rolling out three years of program within three months. The logistical nightmare of setting up staff to WFH was certainly a challenge, along with dealing with the normal COVID dramas. Great to see that security has continued to be at the forefront for our clients and the steam train keeps moving forward. I'm sure we can all appreciate the meme below for what has been a crazy couple of years, and we are all well deserving of some TLC and time off, although the recent run of vulnerabilities and incidents (Log4j, Kronos, Chris21/Frontier Software) is making that difficult for us.

As a result of WFH, we have seen a decline in Internal Penetration Testing and a huge increase in Web Application Penetration Testing, of both internally and externally developed apps. This has driven an uptake of SecDevOps, with organisations thinking about what they can do to ensure security has been considered throughout the development lifecycle. We hear the same story again and again: a Marketing or Dev team has built an app holding Personally Identifiable Information (PII) that is “going live in a week”. In most instances Cybersecurity has been an afterthought, and security teams are scrambling to get it tested in short timeframes. To quote our Application Security Manager, Jack Misiura, "SecDevOps is a culture shift". SecDevOps is the natural progression of the Agile software lifecycle, combining Development (Dev) with Operations (Ops) and building security into each stage rather than bolting it on at the end. The Developer side needs to embrace concepts such as unit and integration testing or test-driven development. The Operations side needs to embrace concepts such as CI/CD pipelines, testing environments and infrastructure as code. The outcome is full automation, where stages such as building, testing and deployment run without manual steps, significantly increasing development speed; for security, it means checks such as dependency scanning, static analysis and the security test cases themselves become pipeline stages that run on every change, instead of a single test squeezed in the week before go-live. If you're not sure where to start, The Missing Link can help organisations develop a SecDevOps strategy and roadmap to mature their DevOps flow.

We have seen many organisations adopting a cloud-first strategy and investing heavily in SaaS/AWS/Azure/etc. Zero Trust is a huge buzzword and, whilst it means different things to many people, the three main concepts are user/application authentication, device authentication, and removing implicit trust (every request is verified, regardless of where it comes from). The misconception that "Oh, it's in the cloud now. It's safe! They'll look after our security!" is hopefully a thing of the past, and people are taking encryption of data in transit and data at rest seriously, since under the shared responsibility model the customer's data and identities remain the customer's problem. There are many ways to tackle your Zero Trust journey, with plenty of different routes, solutions and practices to help you achieve your goal. At The Missing Link, we will customise an effective and holistic approach to cloud cybersecurity to protect your data and applications. Based on gathered intelligence about your business and your user needs, your roadmap should include authentication of users and devices, managing access control for data and resources, automating provisioning and de-provisioning of users, and protecting data and applications with encryption. Importantly, the solution we recommend will provide authorised users with streamlined access to the applications and websites they need to perform their role efficiently.

Business Email Compromise (BEC) is a huge concern and phishing attacks are constantly on the rise. Attackers have been indifferent to industry, hitting everyone from Retail to Education, Manufacturing to NFP. It makes me sick to my stomach that they have been targeting Healthcare, but unfortunately in this age “data = dollars”. The supply chain has been used as a way in: a compromised supplier or customer mailbox is used to intercept an existing invoice thread and change the bank account details. At the end of the day, you're only as strong as your weakest link. Organisations should implement better practices and solutions to verify payment-related requests (for example, confirming any change of bank details by phone on a number you already hold, never one given in the email) and to identify fraudulent emails.

To combat BEC and educate staff to identify fraudulent emails, organisations should be focusing on user awareness through the rollout of a Security Awareness Training (SAT) program. Staff are the "Human Firewall", and unfortunately one of the weakest links in an organisation's security is its own staff. This is supported in part by the Australian Government's Notifiable Data Breaches (NDB) scheme, which reported that 35% of all reported breaches in the past year were caused by human error. The Missing Link offers Security Awareness Training as a Service (SATaaS) to help with the ongoing management and improvement of awareness training. A decrease in clicks and attachments opened can also help to reduce your cyber insurance premiums, whilst ensuring your users remain safe and your data secure.

Rather than technologies operating in silos, we've seen organisations start integrating them to work collaboratively. The "SOC Nuclear Triad", first coined in 2015 by Gartner security expert Anton Chuvakin and now known as the SOC Visibility Triad, supports enterprise security by providing visibility into attack surfaces, detecting threats and responding to incidents. The three pillars of the SOC Visibility Triad are SIEM (logs), NDR (network traffic) and EDR (endpoint telemetry), each covering blind spots the other two have. The SOC Triad is really starting to gain some traction and we will continue to see organisations move further towards implementing these technologies.

The Spectra Alliance is among the most promising developments in Cybersecurity. CrowdStrike, Netskope, Okta, and Proofpoint have together identified Zero Trust architecture as a founding principle in a post-pandemic world, and they are effectively writing the book for this approach, globally. Sensitive data resides in multiple locations (on-prem, private/public cloud), and SaaS applications require real-time data protection and management, leading to new data protection strategies and processes. The Spectra Alliance brings together a best-of-breed integration, minimising complexity with integrated solutions, whilst reducing risk exposure through a simplified architecture, decreased operational costs, and an increased Zero Trust security posture. Let's see what they build from here.

What a year it has been! To impart some of my Mad Dog predictions for the next calendar year:

  • People will start returning to the office and we will see a huge uptake in Internal Penetration Testing
  • Wanting a more collaborative approach to Red Teaming, organisations will opt for Purple Teaming exercises
  • Business Email Compromise will increase and Security Awareness Training (SAT) and Domain-based Message Authentication, Reporting, and Conformance (DMARC) will be implemented (if not so already)
  • SecDevOps will become a proactive thought rather than an afterthought, and the only defence is a good offence
  • As malware spreads from IT to OT, IT and OT teams will work together to bridge the gap and secure industrial control systems
  • The Australian Signals Directorate (ASD) Essential Eight will continue to be adopted by organisations outside of Government
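
To make the DMARC prediction and the earlier BEC point concrete, here is an added example (my own code, not anything from the original article or from The Missing Link) that classifies a domain's SPF and DMARC posture. It reads from an embedded, constructed set of TXT records rather than DNS so it runs offline; the domain names, the records and the function names (`assess`, `ready_for_bec_defence`) are all assumptions for illustration. It goes a little beyond the bullet by also flagging the half-measures (`p=none`, `pct` below 100, `sp=none`, a permissive SPF) that leave a domain spoofable even though "DMARC is implemented".

```python
"""Classify a domain's SPF and DMARC posture (added example, not the article's code).

TXT records come from the constructed SAMPLE_TXT dict below instead of DNS so
the script runs offline. In production, fetch the TXT records for "<domain>"
and "_dmarc.<domain>" with your resolver and pass them to assess() instead.
"""
from dataclasses import dataclass, field

# Constructed sample records; the domains are illustrative, not real zones.
SAMPLE_TXT = {
    "good.example": ["v=spf1 include:_spf.mailhost.example -all"],
    "_dmarc.good.example": ["v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:dmarc@good.example"],
    "weak.example": ["v=spf1 ip4:192.0.2.0/24 +all"],
    "_dmarc.weak.example": ["v=DMARC1; p=none; rua=mailto:dmarc@weak.example"],
    "partial.example": ["v=spf1 include:_spf.mailhost.example ~all"],
    "_dmarc.partial.example": ["v=DMARC1; p=quarantine; pct=10"],
    "none.example": ["some unrelated TXT record"],
}


@dataclass
class Finding:
    domain: str
    spf: str        # "missing", "invalid", "permissive", "soft" or "hard"
    dmarc: str      # "missing", "none", "quarantine" or "reject"
    pct: int        # share of failing mail the DMARC policy applies to
    issues: list = field(default_factory=list)


def parse_dmarc(record):
    """Return DMARC tag -> value, or None if the TXT record is not a DMARC record."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v", "").upper() == "DMARC1" else None


def spf_posture(records):
    """Judge SPF by the qualifier on its 'all' mechanism (RFC 7208 semantics)."""
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if not spf:
        return "missing", ["no SPF record"]
    if len(spf) > 1:
        return "invalid", ["more than one SPF record: receivers treat this as permerror"]
    for term in spf[0].split()[1:]:
        qualifier, mech = (term[0], term[1:]) if term[0] in "+-~?" else ("+", term)
        if mech.lower() != "all":
            continue            # ip4/include/a/mx etc. are not evaluated here
        if qualifier == "-":
            return "hard", []
        if qualifier == "~":
            return "soft", ["~all softfail is advisory; pair it with DMARC enforcement"]
        return "permissive", [f"{term}: anyone may send as this domain"]
    # No 'all' term (and redirect= is not followed here): the default result is neutral.
    return "permissive", ["SPF has no terminating 'all' mechanism; default result is neutral"]


def dmarc_posture(records, domain):
    """Judge DMARC by p=, and flag settings that weaken an otherwise good policy."""
    parsed = [t for t in (parse_dmarc(r) for r in records) if t]
    if not parsed:
        return "missing", 0, [f"no DMARC record at _dmarc.{domain}"]
    tags = parsed[0]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "missing", 0, ["DMARC record has no valid p= tag, so receivers ignore it"]
    issues = []
    pct = int(tags["pct"]) if tags.get("pct", "").isdigit() else 100
    if policy == "none":
        issues.append("p=none only monitors; spoofed mail is still delivered")
    if pct < 100:
        issues.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    if tags.get("sp", policy).lower() == "none" and policy != "none":
        issues.append("sp=none: subdomains can still be spoofed")
    if "rua" not in tags:
        issues.append("no rua= address: you will receive no aggregate reports")
    return policy, pct, issues


def assess(domain, txt=SAMPLE_TXT):
    """Combine the SPF and DMARC results for one domain."""
    spf, spf_issues = spf_posture(txt.get(domain, []))
    dmarc, pct, dmarc_issues = dmarc_posture(txt.get(f"_dmarc.{domain}", []), domain)
    return Finding(domain, spf, dmarc, pct, spf_issues + dmarc_issues)


def ready_for_bec_defence(finding):
    """True only when SPF hard-fails and DMARC rejects 100% of failing mail."""
    return finding.spf == "hard" and finding.dmarc == "reject" and finding.pct == 100


if __name__ == "__main__":
    for name in ("good.example", "weak.example", "partial.example", "none.example"):
        f = assess(name)
        status = "OK" if ready_for_bec_defence(f) else "WEAK"
        print(f"{status:4} {f.domain:16} spf={f.spf:10} dmarc={f.dmarc:10} pct={f.pct}")
        for issue in f.issues:
            print(f"      - {issue}")
```

Run it as-is to see the four constructed domains scored; to point it at real zones, replace `SAMPLE_TXT` with records from a resolver (for example dnspython's `dns.resolver.resolve(name, "TXT")`) and pass the resulting dict to `assess`. The check is deliberately strict: only `-all` plus `p=reject` at `pct=100` counts as done, because anything less still lets a spoofed invoice from "your" domain reach a supplier's inbox.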

Dhara Mishra
Join our 6th of June Global B2B Conference | Up to 50 Exhibitors | 10+ sponsors | 200+ Attendees
2 years ago

Thomas, thanks for sharing!

Debora Nhuch
Commercial and Contract Management expert / Complex and high-risk commercial contracts / Risk mitigation / Procurement / Process improvement
3 years ago

Great summary of what we have been going through. Thanks for sharing it with us. Happy New Year!

Hayden Beach
Attachment Specialist at Aussie Buckets
3 years ago

Where can I buy security stonks