Globally, cyber security budgets are predicted to rise and are estimated to be more than $6 trillion annually by 2021. These figures are based on:
- Recent year-on-year growth in hostile nation-state sponsored activity,
- Organised crime and cyber hacking instances, and
- Malicious and non-malicious employee security breaches.
Australian businesses and government organisations are expected to spend up to $3.8 billion in cyber security in 2018, up 6.5 percent from 2017 according to a recent Gartner report. With that increase comes budget, time, strategy and effort from Executive and C-Suite business leaders across Australia.
So, what new threats do the C-Suite and Australian business leaders need to be aware of – and how is that already impacting their cybersecurity strategy and budgetary spend?
The team at Loop have identified five prominent cybersecurity challenges and trends that will impact businesses and leadership teams in Australia this year.
- Artificial Intelligence Expansion
A growing trend in the cybersecurity defence area is the incorporation of Artificial Intelligence (AI) or algorithm-based defence monitoring systems that detect and respond to threats around the clock.
Some of the key benefits in incorporating AI into your cybersecurity strategy include the ability to protect and defend an environment when at attack begins, thus mitigating impact.
Traditionally, cybersecurity experts mitigate attacks once they have already taken place, in a historical context. Since AI does not need to switch off and is automated upon attack, it can prepare defence actions the moment a threat impacts the business.
However, this field of cybersecurity measures is still quite immature. Asking IT business leaders and cyber security strategy teams to consider AI as a future protective control will allow your business to stay ahead of the cyber security technology curve.
- Ransomware Advancement
Evolved and sophisticated ransomware is affecting businesses across Australia, latching onto customer data and information that can only be retrieved with lengthy cyber security incident response methods and expensive remediation tactics.
Ransomware attacks across Australia have risen by 36 percent in the last two years, making it a viable threat to businesses from an operational, revenue and profitability perspective.
With a growing count of malware samples impacting every sector, IT professionals and business leaders need to have a business continuity and disaster recovery strategy in place.
This involves intensive planning for recovering corporate and customer data and applications, as well as reporting any breaches against the Notifiable Data Breaches (NDB) scheme and meeting compliance requests.
- IoT Threats
By 2020, research firm Gartner predicts that more than half of major new business processes and systems will incorporate Internet of Things (IoT) elements.
Some of the use cases being considered by organisations today include:
- Asset management, in particular predictive maintenance,
- Healthcare in particular with connected medical devices and patient monitoring,
- Supply chain and inventory management, and
- Building or facility management.
The myriad of firmware and software systems running on IoT devices makes consumers and businesses highly susceptible to cyber attacks.
A lot of this technology is not designed with cybersecurity in mind, nor to be used for commercial purposes – of which it sometimes is. Insecure web interfaces, data transfers, payment and authentication methods can leave users open to attacks.
Business leaders and the C-Suite need to work with cybersecurity professionals to ensure the integration of controls such as password policies, user verification, secure session handling, multi-factor authentication and security protocols to help manage this risk.
Much of this knowledge resides within the specialist arena of cyber security professionals, an area business leaders should be gaining advice from.
- Blockchain Revolution
While still relatively insignificant or immature to Australian business leaders, 2017 saw a major rise in blockchain technology applied to businesses in both the operational and cyber security arena.
Blockchain can offer secure records management, decentralised access control and identity management. This year will see a rise in variations between public and private blockchains which will undoubtedly change the face of cybersecurity.
- Serverless Architectures & Apps
Serverless architectures and apps refer to applications that depend on back-end or third-party services residing on a vendor host, such as AWS Lambda.
Your business may already be operating in this way, as these types of systems can significantly reduce operational cost and complexity.
However, serverless apps and architecture can invite cyber threats as security precautions are expected to be managed by end users, as opposed to on-server security controls managed by the business or IT Operations team.
Each year brings a new wave of threats and technological vulnerability changes to businesses in Australia, as well as new defence mechanisms.
Leadership teams across Australia need to keep ahead of these changes and prompt their security teams and vendors to keep them ahead of the technological evolution and cyber security curve.