As cyber attacks get more diverse, so should defence strategies

Man holding lock with computer icons

Cyber security teams have been urged to adopt a more “diverse” approach to defending their data against malicious attacks that only continue to evolve in their sophistication, according to Standard Chartered’s Group Chief Information Security Risk Officer (CISRO), Darren Argyle.

Argyle told attendees at FST Media’s Future of Security, Sydney event held at the Hilton Hotel on 1 September that alternative ways of thought to fight attacks and defend data would be needed as attacks get more diverse themselves.

“The International Monetary Fund recently published a report that demonstrated women who were part of the workforce increased productivity by 25 per cent GDP in some developing countries,” he said.

“In my own team, I have over 50 per cent of my leaders across my entire organisation that are women. That diversity of thought is a powerful force multiplier.

“The attackers are getting more innovative, thinking of new ways to attack our organisations. We need more diversity of thought – women, poets, artists, communicators – are all great assets to diversify our workforce.”

The notion was part of a three-tier framework implemented by executives at Japanese firms and referenced by Argyle at the event for organisations to better combat malicious cyber threats, attacks and hazards.

Diversity – along with accountability, transparency and truth telling – formed part of the first tier of ‘adopt’, followed by the ability to ‘adapt’ to the changing nature of cyber security, including asset prioritisation and protection, cyber resilience and scenario-led dynamic risk management.

The final tier, ‘become adept’, involved a holistic approach to stakeholder management, maintaining personal brand and reflecting communications for specific audiences.

“Cyber resilience is not just about your own organisation but extending it to the entire ecosystem,” Argyle said.

“It’s my responsibility as a senior cybersecurity leader to ensure that the entire ecosystem is protected, and I think we can do a lot more to ensure that our supply chain is strong. We are only as strong as the weakest link.

“Stakeholder management is the strongest thing any cybersecurity professional or any leader can adopt.”