Governments and corporations alike must escalate the treatment of cybersecurity to the point where it is handled with the same severity as any other risk, speakers at this month’s Cisco Live! conference agreed as security and IT administrators gathered to weigh the progress of cybersecurity policy and technology.
“You would expect some type of law enforcement response if you were robbed,” Alastair MacGibbon, who was appointed as the first cyber security special adviser to the prime minister last May, told the audience at the conference, which attracted 6250 attendees from around Australia and the region.
“We need to make sure that type of response is there for industry big or small, that suffer at the hands of criminals or nation-states online. There should be no distinction between online and offline to the way we respond as a government.”
Australia had made great steps towards delivering on this vision by fostering a culture of innovation that is aligned with its cybersecurity goals, executives pointed out during the course of the conference, and – backed by looming breach notification laws and a strong reputation across the region – was steadily asserting its leadership as security-focused government policy and business transformation continued to take hold.
“Here is your leadership saying ‘we’ve got to plan for a decade from now’,” observed John Stewart, head of Cisco’s Security and Trust Organization. “And that’s just not very common. I am now watching big-named businesses come back to Australia and double down their investment here. There are very encouraging signs saying that the world is beginning to take notice, and is moving into the market to figure out how to capitalise on it.”
Those investments – including Cisco’s recent opening of a significant new Australian office in North Sydney – reflected growing maturity on the part of corporate decision-makers and, said vice president of security marketing Jeff Samuels, “an unshakeable belief in what we need to do from a Cisco Security perspective.”
That belief was driving rapid development of the toolsets and policies needed to counter a growing threat from professional cybercriminals that are, as Cisco vice president and CISO Steve Martino noted during his Cisco Live! presentation, “the biggest threat we face.”
“[Professional cybercriminals] are looking for ROI and looking at how quickly they can get it,” Martino explained, “and they are not poorly run companies. A lot of these are businesses that hire technical resources. They have a supply chain that they tap into, and they have changed their techniques to use cloud-based technology that allows them to scale up and down. It is a really different model than the old hacker and nation-state thing – and we really have to focus on how they’re capitalising on what they can do today.”
Much of the focus of the conference was built around the myriad tools that are emerging to assist companies in countering this threat. This ranged from a tighter focus on integration and threat-information sharing across projects, to better visibility through innovations like Tetration Analytics, a visibility platform that Cisco is using as a centre of gravity for machine-to-machine analytics and threat visibility.
Tetration relies on a range of sensors that run across a range of endpoints around the enterprise network as well as on cloud services run by various providers. “We need the sensor framework to work in the cloud as well,” said Mike Herbert, Cisco principal engineer, in a demonstration of the technology during the conference.
“We want the sensor framework that’s observing the behaviour of the systems to be pervasive,” he explained. “We know that from an IT perspective, you will have responsibilities that spread across domains. This means putting sensors on the operating systems, access points, aggregation, transit networks, Amazon cloud and Google-based endpoints. And in the next generation of hardware, this means collecting data not at the line rate of 1Gbps, but at 100Gbps speeds.”
This kind of technological progress will be critical to realising the vision that is positioning Australia as a regional leader in the cybersecurity space. Stephen Dane, managing director for security in the Asia Pacific Japan and Greater China region, has seen traditional regional technology leaders like Australia, Singapore, and Hong Kong pulling ahead of more-exposed countries like Vietnam, Philippines and Indonesia.
“Customers are responding and many are looking at solving their problems holistically, as opposed to on a project-only basis,” he explained. “Australia is well-known for being one of the most mature [cloud] markets in the world, and we’re expanding that secure Internet gateway idea to exclude other aspects of security.”
“Our goal is to help customers understand that they need to move their investments from the prevention-only kind of change, to a tone where there is going to be an x percent change that they’re going to be breached. Whatever defences they have in place from a prevention perspective will not be good enough.”
Improving those defences was a key focus for Chris Dedicoat, executive vice president of worldwide sales, who used his Cisco Live! opening keynote address to highlight the company’s recent shift to more-flexible network architectures through strategies such as its application centric infrastructure (ACI) and dynamic network architecture (DNA).
“We are trying everything that we can to make sure we build the technology that allows you to defend, and to defend in an architectural way,” he said, noting the interruption businesses faced from trends such as the Internet of Things (IoT). “This is the scale of the change that this generation of the Internet faces.”
“The potential is enormous, and the complexity is enormous. But it is something we have to prepare for. And it’s time to let the machines run the machines: we have to find a very different way to automate how networks are managed, orchestrated, and provisioned. This is incredibly important.”
The company was proactively engaging with “to make sure we’re asking the right questions,” Samuels noted in his panel, noting that many businesses were still treating cybersecurity as a binary indicator rather than a graded reflection of changing business priorities.
“One of the keys to having an effective security posture is making sure that the time to remediate a threat, and respond to it, is as close to zero as possible,” Samuels said. “Once you can do that you feel like you can at least take a deep breath and think about tomorrow. That’s what an effective security posture is.”