The Australia and New Zealand cyber heavyweight is hoping to encourage businesses to do what they can to avoid being on the 2021 cyber victim list.
Australia and New Zealand cyber megamix CyberCX is hoping to fill the gap left by global security firms, focusing locally to forge ahead with a more regionally appropriate response to countering cyber threats. In its Annual Threat Assessment report [PDF], CyberCX, the group of security companies headed by two of Australia’s most experienced technology and cyber veterans, has offered a handful of recommendations for businesses operating in Australia and New Zealand, with the first, under the banner “strategic”, encouraging the development of an incident response plan. “The faster an organisation can detect and respond to an incident, the less likely the incident is to have a significant impact on data, customer trust, operations, reputation, and revenue,” it said. Although obvious, the report drums in the importance of educating and training staff on practices such as good cyber hygiene, creating a security culture, as well as creating and maintain a consistent, up-to-date cybersecurity policy suite. See also: Australia’s answer to thwarting ransomware is good cyber hygiene CyberCX, backed by private equity firm BGH Capital, was formed a little over one year ago when it brought together 12 of Australia’s independent cybersecurity brands: Alcorn, Assurance, Asterisk, CQR, Diamond, Enosys, Klein&Co, Phriendly Phishing, Sense of Security, Shearwater, TSS, and YellIT. It is headed by Alastair MacGibbon, former head of the Australian Cyber Security Centre and once special adviser on cybersecurity to former Prime Minister Malcolm Turnbull, as well as CEO John Paitaridis, who was formerly Optus Business’ managing director. Since launch, CyberCX has gone on an expansion spree, scooping up a number of local cybersecurity startups simultaneously. In its report, CyberCX encouraged the use of local cybersecurity firms. “Using Australian and New Zealand cybersecurity vendors drives innovation at home and boosts jobs in the local cybersecurity market. Local vendors offer cybersecurity solutions of global calibre and at the same time provide the added benefit of a local perspective,” it wrote. “Analysis tailored specifically to the Australia-New Zealand context is often missing from international vendors, many of which tend to be US-centric.” See also: Former PM Turnbull suggests Australia boosts its cyber capability by buying local The next item on its checklist is “technical” and includes practices such as securing the attack surface, increasing network visibility, implementing end-point controls, adopting multi-factor authentication, and adopting the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework.
