If 2020 showed us anything, it’s that organisations - big and small, public and private, for profit and non-profit - need to be prepared for anything.
High profile data breaches in 2020 impacted organisations across Australia, including the Marriott, the University of Tasmania, and Transport for NSW, reminding us that cybercriminals continue to prey on cybersecurity vulnerabilities - especially as users continue to access sensitive data and applications from outside the network perimeter.
Recognising the threat, the Australian Federal Government released a new cybersecurity strategy in August 2020, providing proposed amendments and regulatory framework to the Security of Critical Infrastructure Act 2018. Central to the proposal is the expansion of the industry sectors the government considers “critical infrastructure”. Joining banking, health and transportation is the government services sector. And, it’s easy to see why. In a 12-month period between July 2019 and June 2020, the Australian government was the target of more than 400 cyberattacks--approximately one-third of all documented cyber-attacks in Australia. In fact, IBM Security estimates that 13 percent of all global cyberattacks are state-sponsored.
Shutting down or overwhelming key government services could impact Australia’s ability to respond to an emergency or cripple the country’s social safety net. The Australian government and private partners calculated that a four week disruption to the country’s internet would cost AU$30 billion and result in a loss of more than 163,000 jobs.
Government departments and agencies need to migrate away from traditional detect and respond security practices in favour of a more proactive threat protection strategy that protects against increasingly sophisticated malware threats such as zero days, watering hole attacks and drive-by downloads. Government organisations also need to prevent spear phishing and other credential theft attempts and enforce security updates. And they need to do this while reducing security complexity and the time spent on manual security tasks.
As we’ve documented many times before, accomplishing this with legacy security approaches is impossible. Instead, government organisations need to embrace internet isolation as a way to keep critical infrastructure safe from cyberattacks.
Isolation-powered security creates a protective layer around users as they navigate, blocking not only known and existing threats but unknown and future threats, too. Rather than responding to attacks after the fact, IT teams can prevent them from reaching workers in the first place. This removes a big burden from the shoulders (and the to-do lists) of security teams and agencies can eliminate the ability for web and email-based malware to infect, spread and harm the ecosystem.
As cybersecurity threats grow in volume and sophistication and potential outages increase in impact, Australian government organisations are facing new security challenges. Using isolation security to prevent malicious actors from accessing the end point and spreading from there to the rest of the network is a cost-efficient and highly effective way to meet these threats and reduce security risks.