IBM has recently made significant investments to support Australian businesses of national significance by bringing industry-leading security solutions and services onshore.

This end-to-end sovereign capability includes in-country infrastructure, people and data, supported by industry-acknowledged, leading cyber security solutions.
This sovereign capability can be offered as an end-to-end service to Australian organisations, and includes:
- IRAP certified IBM Public Cloud to replace or supplement existing on-premise capabilities
- Confidential computing via Hyper Protect – Secure Services Container, with pervasive encryption and trusted code execution in EA5+ hardware-enforced partition and HSM that meets FIPS 140-2 Level 4 tamper resistance
- Security monitoring and response, managed from IBM’s IRAP certified Australian Security Operations Centre (SOC), by specialists with NV1-NV2 security clearances
IBM has moved these solutions and services onshore in segments where it has been ranked as a leader by such analyst firms as Gartner, Forrester and IDC.
The solutions offer a new way to fight cybercrime though an integrated approach and expertise powered by AI and orchestration and with the benefits of data residency. They can help organisations protect critical assets, detect advanced threats and quickly respond and recover from disruptions.
This follows ransomware attacks on various high-profile organisations, including Toll Group, BlueScope Steel, Lion, Spotless, Regis Healthcare, Law in Order and some regional Victorian hospitals. Many smaller businesses have also been subject to attacks.
Due to these persistent and significant cyber threats, the Australian Government identified the need to launch its 2020 Cyber Security Strategy last year, in an effort to protect Australia’s critical infrastructure.
Under the government’s proposed security of critical infrastructure (SoCI) reforms, key segments of Australia’s national critical infrastructure will be required to meet a new ‘Positive Security Obligation’ or PSO. This recognises the central role these segments play in the nation’s economic and national security, and the need to ensure their protection from disruption, unauthorised access and interference.
The PSO will set minimum cyber security baselines for industry, including sector-specific guidance on cyber security standards and best practise.
For some large organisations that are already subject to cyber security legislation, these standards will not be new. Still, they will be important to help benchmark security across the most important parts of the economy.
Economic risk
The AustCyber Digital Trust Report 2020 estimates that a four-week disruption to the nation’s digital infrastructure as the result of a significant cyber security incident would cost $30 billion, or about 1.5 per cent of GDP, and the direct loss of 163,000 jobs.
On a global level, IBM’s recently released X-Force Threat Intelligence Index 2021 has found that:
- In 2020, ransomware was the most popular attack method, making up 23 per cent of all incidents IBM Security X-Force responded to and helped remediate
- The estimated profits gained from a single ransomware threat group is more than US$123 million.
- Scanning and exploitation of vulnerabilities became the top infection vector in 2020, surpassing phishing, which was the top vector in 2019.
While these are global statistics, they demonstrate the pervasiveness of these threats and the devastating impact they can have on businesses and industries.
Digital technology is also central to our lives, work and education. This has certainly been the case in the last 12 months. Due to the Covid-19 pandemic, many Australians have worked and learned from home, and connected with family via video links.
This is why it is crucial to protect Australia’s IT landscape by offering an end to end IRAP certified infrastructure, secured and managed in Australia, by Australian Cyber experts . It is vital to the continuation of our economy and way of life.
For more information, please book a meeting with an IBM SME at date and time convenient for you. Learn more about IBM Security.