Australian Spy Data Helps Business Cyber Threats

Small and medium-sized businesses in Australia will be the big winners under the government's plans to share cyber-security data collected by the nation's intelligence agencies.

Under the plan announced in May, declassified data from the Australian Signals Directorate (ASD) will be shared with telcos and Internet service providers (ISPs) so they can develop more advanced products to combat growing cyber security threats.

Telstra director of security Neil Campbell said the data will make it easier for cyber security providers to create better targeted, more cost-effective products for small and medium sized businesses, which often don't consider cyber safeguards.

"This is where I think we have the opportunity to really make a difference," Mr Campbell said. "We have the opportunity to deliver at such a scale we can make it cost-effective for our customers."

The data provided by the government includes what are known as indicators of compromise (IOCs), which are generated during different stages of a cyber-attack and can represent or indicate that a compromise has been attempted or successful.

ISPs will be able to merge IOCs collected by the government with their own to create massive datasets which can be used to analyse, identify and develop active solutions to combat emerging or previously unknown cyber threats.

Big Data Benefits

"The more data you have, the more context you have, the more opportunity you have to find aberrant behaviour on the network or malicious behaviour on the network," Mr Campbell said.

"Putting systems in place to identify those and then taking what you learn in one part of the Internet and then applying it to people who would be vulnerable to that attack in another part of the Internet, that's where you go from passive to active.

"You get to the point where you start to create herd immunity because if one of your customers or half-a-dozen of your customers gets affected, you learn about it quite rapidly and you're able to inoculate the others against the threat."

In an interview shortly after the May announcement, Minister Assisting the Prime Minister for Cyber Security, Dan Tehan, said he hoped the data sharing would result in better products for Australian small businesses.

"What we're calling on the private sector to do is look at what products do they have or can they develop which will help protect those organisations which don't have the human resources or the financial resources to dedicate to keeping themselves cyber secure," Mr Tehan said.

Risk Versus Reward

Mr Campbell said cyber security often doesn't occur to small businesses because they're so focused on getting on with the job. But in some instances, businesses have been forced to close their doors because of cyber-attacks.

"I think they don't have the means, they don't necessarily have the motivation. Because given the choice between reinvesting your revenue in staying alive or growing versus covering off on risk, you know where the money's going to go."

"It's our job to give them the products and services that allow them to manage that risk cost effectively without having to become an enterprise or cyber security expert."

Between July 2015 and June 2016, the Computer Emergency Response Team (CERT) responded to 14,804 cyber security incidents affecting Australian businesses, 418 of which involved systems of national interest and critical infrastructure. "Cyber-crime is pretty much widespread," Mr Campbell said.

The government has committed $630 million to combat cyber-crime which is conservatively estimated to cost the Australian economy $1 billion each year.

AFR

You Might Also Read: 

Australia Implements Mandatory Data Breach Reporting:

Australia’s Sharp Turn To Information Warfare:

 

« Insiders Are The Cause Of Most Healthcare Breaches
Singapore’s Mounting Cyber Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

AMETIC

AMETIC

AMETIC, is the Association of Electronics, Information and Communications Technologies, Telecommunications and Digital Content Companies in Spain.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

miniOrange

miniOrange

miniOrange is a cloud and on-premise based identity and access management (IAM) solution provider.

ITonlinelearning

ITonlinelearning

ITonlinelearning specialises in providing professional certification courses to help aspiring and seasoned IT professionals develop their careers.

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

NeuVector

NeuVector

NeuVector, the leader in Full Lifecycle Container Security, delivers uncompromising end-to-end security from DevOps vulnerability protection to complete protection in production.

Trava Security

Trava Security

Trava simplifies cyber risk management for business owners and IT professionals. Automated assessments, mitigation advising, and data-driven cyber insurance.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

Baidam Solutions

Baidam Solutions

Baidam Solutions is a 100% Australian owned and operated First Nations information technology business.

SENTRIQS

SENTRIQS

SENTRIQS advanced encryption technology is engineered to defend against the most sophisticated cyber threats, keeping your operations efficient and secure.

Veracity Trust Network

Veracity Trust Network

Veracity Trust Network safeguards organisations from the threat of bot attacks on their public facing platforms.