Manual investigation, third parties, customers and law enforcement are catching far more cybersecurity threats more than software solutions, says Chris Fisher, director of security engineering APJ at cybersecurity company Vectra.
That’s despite cybersecurity being a focus of IT spending – in the second half of 2021, Gartner reported that nearly three quarters of ANZ CIOs had indicated that cybersecurity would be their biggest area of investment in 2022.
Many Australian organisations are finding that those cyber security solutions fail to detect security breaches. Fully 58 per cent of IT decision-makers responding to a new Sapio Research-Vectra survey said they had purchased a security solution which failed on at least one occasion.
Just 41 per cent of breached organisations were notified of the breach by their security tools, with 35 per cent only discovering the breach after their security teams began investigating manually.
“New technology is coming into the market, but effectively protecting against threats requires a mindset shift,” Fisher says. “We need to sit back and say ‘what do we need to be doing differently?’”
Old ideas, new threats
Vectra chief technology officer Oliver Tavakoli blames the gap on entrenched, outdated ideas about security – even as cybercriminals steadily innovate and improve their attack methods.
“Digital transformation is driving change at an ever-increasing pace,” he explains, “yet companies are not the only ones innovating.”
“Cyber criminals are, too – and as the threat landscape evolves, traditional defences are increasingly ineffectual.”
Indeed, 44 per cent of the Sapio Research-Vectra survey respondents said the biggest problem with their existing security tools is their failure to detect modern attacks.
IT decision-makers said their biggest security concerns revolved around transformation-related issues, such as supply-chain threats and the added complexities and security risks of cloud adoption.
Educate leaders
Although 88 per cent said recent high-profile attacks had made boards more aware of cybersecurity issues, 86 per cent thought that boards’ cybersecurity decision-making was driven by their existing relationships with legacy vendors.
Fully 57 per cent said they had encountered challenges in communicating the value of security to the board, while 45 per cent said the board’s mindset is a decade behind the current situation.
Addressing these issues, Fisher says, requires convincing boards to modernise their understanding of cybersecurity – and to support an overhaul of the way that security defences are constructed.
“Legacy choices are the safe choice, so the traditional viewpoint that many boards have makes sense as they’re generally risk-adverse,” says Fisher. “Unfortunately this no longer makes sense with the threats we’re facing today.”
Rather than relying on legacy tools that simply monitor for changes from baseline activity, Vectra encourages adoption of AI-based security analytics tools and threat-detection technologies that can detect and identify cybercriminal activity.
After years of working to educate board and C-suite members about the importance of cybersecurity, Fisher adds, security executives need to build on those conversations so that boards understand that new approaches are necessary.
“No one likes hearing ‘we’re going to get breached’,” Fisher explains, “but these honest conversations are the ones we need to be having so we can be prepared and come to grips with the challenges and how we can meet them.”
“Security leaders must take on the role of raising awareness, not only with their teams but at C-suite or board level.”
“The decisions and thinking at the top will set the overall tone and direction, so this is a crucial piece of any security strategy.”
To learn more about the risks of old-style cybersecurity thinking – and how to beat them – click here to download Vectra’s e-book, Fit for Purpose or Behind the Curve?
