As AISA’s Cyber Conference 2023 being held in Canberra March 20-22 approaches, I thought I would go over some of the hot topics that I expect delegates from Australian public sector organizations will be talking about at the event.
And just a quick aside, Trustwave is a keen sponsor of the baristas at this year’s Australian Cyber Conference and we hope to share a hot beverage (of your choice) with you, so please stop by to discuss some of the following hot button topics: .
- Data is the New Uranium – For years, the message has been that data is the new oil. This comparison was rooted in the idea that, like oil, data is a resource that can power the modern world. However, as organizations around the world implemented big data strategies and stored all the data they could, they are now realizing that data is not the new oil; it’s the new uranium, with increased risk. Following on from significant telecommunications and insurer breaches in 2022, Trustwave expects there will be an increased focus on the type and amount of data stored in 2023. This extends to regulations the Australian government imposes on commercial organizations to store citizen Personally Identifiable Information (PII). It will be interesting to see how public and private sector organizations can work together to reduce the risk of citizen data being exposed. Key to minimizing risk is reducing the volume of data stored. Trustwave’s global head of consulting, Nick Ellsmore (he’s an Aussie!), introduced the concept of backburning your data at AusCERT2021 and his predictions for this year highlight how the very nature of storing data can be hazardous.
- Increase in Cyber Warfare – Cyberattacks of a geopolitical nature have grown this year, especially in the wake of Russia’s invasion of Ukraine. Trustwave’s elite SpiderLabs Threat Research team took a deep dive into the cyber weapons used by Russia to attack Ukraine. The team dissected the threat actors behind these cyberattacks and provided a timeline of events including technical analysis of the several malware types deployed. For Australian government organizations, a focus on keeping our own digital perimeters safe will not be enough. Trustwave has been busy delivering on Australia's International Cyber and Critical Technology Engagement Strategy initiative announced in 2021 to strengthen the cyber capability of our South East Asian neighbors - see the Trustwave team in action here. It’s been an honor for the team working on this Department of Foreign Affairs and Trade (DFAT) project in Solomon Islands, Samoa, Vanuatu, Tonga, and Fiji to contribute to Australia’s International Cyber and Critical Tech Cooperation Program. Trustwave’s work has included the deployment and configuration of SIEMs, network traffic collection and monitoring, endpoint security, and threat intelligence tools, and training. We have also delivered training for local technical specialists and senior government officials.
- Device and Third-Party Security – The use of third-party equipment in public sector networks is coming under scrutiny as could be seen with the removal of Chinese manufactured CCTV security cameras from Australian Department of Defence premises and other areas governmental offices. Departments should ensure that they have an Internet of Things (IoT)/Operational Technology (OT) policy in place that assesses the likely risk of exposure of devices, as well as ensuring service partners are also maintaining their security. Threat actors can easily take advantage of weaker service providers in the supply chain to breach government bodies or expose PII data. At a policy and practical level, the Australian government has been paying greater attention to supply chain risk for several years now but still this episode demonstrates the ever-increasing sensitivity of Government to supply chain risks.
- Critical Infrastructure – There has been significant discussion over the last six months of the changes to the Australian Security of Critical Infrastructure (SOCI) Act. There are still areas of the risk management program obligations of the SOCI Act that will need to be clarified. The Australian government has committed in the rules to creating guidance material to support their implementation, and hopefully this will help clarify some of the ambiguities we identified in this blog. We do know that the Cyber and Infrastructure Security Centre is continuing public webinars on risk management in February 2023, but the impact that the consultation process has had on updating specific guidance is not yet obvious.
- Security Baseline - Trustwave is seeing some clients place a focus on strengthening data literacy and cyber hygiene within their organizations. This focus is necessary as the security bar is being lifted higher by changes to the Essential Eight and the way its maturity is assessed. Expectations when conducting an Essential Eight assessment are evolving, with a greater onus on assessors gathering and using the highest quality evidence where reasonably practicable and less wiggle room for assessors. Upon concluding assessment activities, assessors will need to determine whether mitigation strategies were implemented effectively or not. This is requiring an uplift in the technical knowledge and skills of staff working on Essential Eight assessment.
- Crisis Simulation – For an organization to be resilient during a cyber crisis, key personnel must be acutely aware of their roles and responsibilities before, during, and after a high-severity cybersecurity incident. A cybersecurity crisis scenario simulation can be invaluable to pressure test both the assembled teams and the documented processes designed for such circumstances. In a recent crisis simulation exercise, Trustwave helped the UK Ministry of Defence prepare to defend against a cyberattack.
If you would like to reach out directly with questions on these topics, Trustwave will be onsite at the conference, so feel free to reach out to me, Eder Plansky Silva, or any team member. I have recently been working in our global business and am now back in Oz with new insight for government clients.
If you’re interested in some of the things we’ve been working on relevant to Australian public sector orgs, check our quick links on this page.