From rising budgets to machine learning, we look at the future trends changing the Australian security landscape.
With the security landscape continuing to grow more complex, we look at some of the future threats and the technologies that can help manage your risk.
Over the last 24 months, we’ve seen some of the highest-profile security incidents in history, from business threats like the Mirai IoT botnet and WannaCry to data breaches affecting millions of customers.
Experts predict that our increasing connectivity and the explosion in connected devices via IoT will increase the level of threat the average business faces in the future.
To meet these threats, we need to change the way we think about security in our organisations, invest effectively and utilise emerging technologies to help manage our risk.
In the Telstra Security Report 2018 we identified a few key trends among the threats that enterprises are likely to face in the coming years.
The protection of phones and other mobile devices which have traditionally operated without endpoint software will become more important, as we continue to connect them into most business functions.
With Gartner estimating that 1/3rd of malware will be targeted at mobile devices in 2019 (Market Guide for Mobile Threat Defense Solutions), we believe this will be a key area of investment over the coming years.
For larger organisations, multi-layered DDoS protection systems could become increasingly necessary, if botnets powered by unsecured IoT devices continue to serve as a vector for DDoS attacks.
Lastly, as organisations continue to adopt hybrid and multi-cloud strategies, they’ll have to give greater prominence to internal, or “east-west” security, as it becomes more difficult to provide consistent perimeter defences across their diverse environments.
Business Email Compromise and ransomware are the most common threats faced by Australian businesses and both are likely to evolve in the coming years.
Ransomware is becoming an increasingly accessible ‘product’, expanding in popularity among even less-technically-skilled criminals. Ransomware as a Service (RaaS), where software authors provide malware off the shelf or via a revenue sharing agreement, is a growing market and will likely lead to an increase in ransomware attacks.
Ransomware is also becoming more sophisticated, with programs waiting until they’ve spread throughout your network and identifying backup locations prior to encrypting files and demanding payment. To counteract this, organisations with critical data are increasingly using air-gapped backups, or those hosted externally.
Similarly, Business Email Compromise and other forms of phishing are likely to become harder to detect, as criminals combine the wealth of information we make publicly available online with the technologies that power marketing automation and personalisation.
To counteract this, employees will require more robust training to help differentiate real messages from fraud and organisations will need to establish stricter processes to prevent payments being made without being verified within the company.
While we anticipate significant advances in machine learning in the coming years, for the foreseeable future, machine learning will remain a supporting player in cyber security.
Machine learning will continue to augment the ability of resource-limited security teams to help identify and prioritise security alerts. In the Telstra Security Report 2018, we found that 38% of Australian respondents estimated that they responded to less than a quarter of incidents experienced in the past 12 months, reflecting the sheer volume of alerts generated by today’s connected businesses.
As it continues to advance, machine learning is likely to be integral to our ability to detect zero-day threats which haven’t been previously encountered and potentially isolate them prior to human intervention.
One of the key trends we’re already observing is the convergence of cyber security with physical or electronic security.
As traditional security devices such as CCTV, alarms and key card readers are connected to the internet, along with IoT devices integrated throughout supply chains, smart buildings and factories, the previously distinct disciplines of cyber and electronic security will increasingly be managed as one.
This move will not only enable organisations to better address threats that encompass both domains and streamline operations – by integrating the data generated by connected electronic security devices and cyber source into the same security operations centre, organisations can increase their security awareness.
In the Telstra Security Report 2018, we found that over 99 percent of respondents who were responsible for cyber security indicated they are also responsible for electronic security.
While this demonstrates the market is already moving to take advantage of these possibilities, we believe they’ll only become more pronounced as the market matures.
In line with the increased recognition of security as a core business risk, particularly with the C-suite, security spending is set to rise in the coming years.
In the Telstra Security Report 2018, we found that 82% of Australian organisations intend to increase security spending, with more than 2/5ths planning an increase of more than 10%.
This represents an increase in relation to their overall ICT budget as well, with 58% indicating that security would increase as a percentage of that overall budget.
The cost of maintaining compliance with new legislation, the complexity of managing security in the cloud and efforts to improve incident response were identified as spending priorities for this budget increase. Many organisations also indicated their intention to merge their electronic and cyber security budgets.
Helping to secure your business
To manage risk in today’s complex, interconnected organisations we need to begin to move beyond the understanding that security is the domain of a single team. Security needs to integrate into all aspects of a business, beyond educating frontline staff not to click on links in emails.
This includes HR and legal understanding the security implications of their work, product developers thinking about the potential for harm if their solution was compromised and programmers understanding the security implications of their work before they start coding.
And as a society, we need to work together to better understand, contextualise and deal with cyber threat.