Safe Harbours: navigating new cybersecurity frontiers

A growing threat

Cyberattacks are becoming an increasing threat to Australian businesses with many large corporations falling prey to information leaks and data hacks. As digital is the new normal for business and organisations? of all sizes, risks associated with Cyber are a major concern. In the age of AI, Metaverse and Web3, Cyberattacks are becoming more sophisticated, frequent, and costly with potential impacts ranging from financial loss, reputational loss, and even national security threats. In the latest Big Questions Blog, Dr. Praveen Gauravaram, Consultant (Senior Scientist), TCS Australia & New Zealand, discusses how organisations can discover, assess, and mitigate risks and be cyber resilient.

Current cyber climate

According to the Australian Cyber Security Centre (ACSC), there has been a significant increase in the number of cyberattacks targeting Australian businesses and individuals in recent years. In the FY 2021-2022, on average, ACSC received a cybercrime report every 7 minutes. With expanding threat perimeters in the digital world, cybersecurity is no longer just about compliance and risk mitigation—it is a growth imperative.

Despite years of investment in cyber risk assessment and security tools, many chief information security officers and chief risk officers feel worried or even overwhelmed about their ability to meet current and emerging cyber threats. Protecting their organisations from a rising tide of cyber threats requires adopting innovative and advanced security technologies to protect data and integrity of business operations. But just as important, it requires engaged leadership and strategically aligned stakeholders and continuous employee cyber awareness and education programs if an organisation is to fight off the most critical developing threats and recover quickly from cyber incidents when they occur.

Let’s explore some of the core principles and approaches to building a cybersecurity strategy that is efficient, effective, durable, and resilient.

Understanding contextual risks

Risk comes in many forms, but cybersecurity measures must account precisely for local?and industry-specific contexts. Some of the factors that need to be considered include:

Geopolitical and geographical — Multinational organisations must assess cyber risks in each local market to identify and prioritise their cyber risks pertinent to such markets. This enables multinationals to plan investments and cybersecurity strategies to address risks arising from unique cyber threat landscape in different countries as well as comply with their privacy and data protection laws. ?

Regulatory complexity — Legislation in Australia has resulted in increasingly stringent regulations around data security. Rules governing the response to cyberattacks and when to report a data breach can vary in each state and territory and are managed by local government agencies.

A tailored approach

The other challenge for cybersecurity experts is knowing what technologies and services to pick to combat various threats.

The effectiveness and efficiency of these technologies depend meaningfully on what problem an organisation is trying to solve. Some organisations may require vulnerability detection and remediation, while others need a greater focus on vendor risk.

Depending on an organisation’s geography and industry, focus on consumer privacy may be paramount. Either way, the solution often rests in using the suitable security technologies.

Security technology solutions

While enterprises focus on protecting their e-commerce applications, they must also safeguard the related development ecosystems, such as cloud and its main delivery models - Infrastructure as a Service, Platform-as-a-Service, and Software-as-a-Service. Having a tested and assured method for this requires systematic compliance and automation. Setting this up at scale and building it in the required repeatable level of capability is an ongoing exercise that often causes concerning gaps.

We believe that the right solutions for one organisation won’t be the same for another—even in the same industry. The key is to work with a partner who offers a variety of horizontal products, platforms, and services backed by deep intellectual property and use cases. Cybersecurity depends on a two-fisted defense mindset in a threat environment defined by the new and never-seen-before.

Dr Praveen Gauravaram is Consultant (Senior Scientist) at TCS ANZ https://www.tcs.com/who-we-are/worldwide/anz

Read more about TCS cybersecurity solutions here: https://www.tcs.com/what-we-do/services/cybersecurity