Agencies striving to improve resilience around information security need to come to terms with a fact that any organisation or agency can potentially become subject to a cyber attack, but what matters is how quickly they will be able to detect and address such an incident.
Panelists speaking about the information security at the recent 8th Annual FST Government Australia 2022 event held in Canberra said that agencies should adopt a mindset that prioritises the management of risks in the event of an incident.
Nicole Ozimek, Assistant Secretary Cyber Security and Network Branch (CRB), Department of Foreign Affairs and Trade, noted that there was still a stigma attached to those entities who have had the security incidents and their networks had been compromised at some point in the past.
“The thing is that everyone will become a subject to a cyber attack if you run the IT. The key thing is how quickly you detect, how quickly you respond and how quickly you recover,” she told conference attendees.
Hence it was important for agencies to be able to share their learnings with the community and other like-minded departments so they could check the resilience of their own environments and controls and share their detection techniques.
“We need to get past that ‘Oh no, I have been subject to an attack’ [attitude to] ‘Hey I detected it, I responded to it and I fixed it. And I am going to share that with the community so you can leverage from these lessons learnt’,” she added.
Although attacks vary in terms of a degree of their sophistication, organisations and entities should be ready and make sure that their cyber responses would be commensurate to the risks.
According to Alan Marjan, Assistant Director-General Cyber Uplist (ADGCU), Cyber Security Resilience Division, Cyber Uplift Branch, Australian Cyber Security Centre, the key points when it comes to resilience was building a right network and community and knowing your network well.
“Build your networks and community, your size in networks, your CIO [chief information officer] networks, your peers. Even though you are working with competitors in your community or industry world or even government, you have got peers. Build those networks because you will rely on those during crisis and those networks that you have built will pay dividend,” he said.
Dragan Vladicic, Director – Solutions Engineering at Okta, also echoed Ozimek’s sentiment on the high likelihood for many organisations, entities and agencies to come under cyber attack at some point.
“One day we will get compromised and how we are going to manage that is I think the key mindset to have,” he said.
However, he pointed out that at the same time, smaller agencies would not always have resources at their disposal or ability to scale the network or identify compromised end points, leaving this as an opportunity for cyber hubs and the industry to help those smaller entities scale.