DBG team members Greg and Joel attended the Comunet Cyber Tech Showcase last week, a South Australian cyber event with leading global cyber technology vendors; Amazon Web Services, Airlock Digital, CyberArk, Darktrace, Fortinet, Okta and guest speakers from Duncan Powell DEM and Fivecast.
The inaugural event profiles risk awareness and mitigation of the current cyber threat landscape from end-user all the way through to cloud security.
Security misconfiguration is one of the most common causes for data breaches across the globe. Whether it is inadequate access controls, running outdated software or using unnecessary software and services, threat actors have various tools to look for and exploit common misconfigurations.
A look into the recent deluge of cyber incidents and data breaches within Australia, and how knowing your current cyber maturity across your critical assets can assist with risk mitigation, our key takeaways from the event are best shared in the dot points from notes taken on the day:
Context
Understanding what is happening around security events – are the login request coming from a new device, from an unusual location or at an irregular time of day?
Identity
How do we better manage access in a Software as a Service era, where we are no longer just operating inside the bubble of the corporate network? What other entities exist that aren’t people but still require privileges, such as automation through scripts or connected services?
AI Driven Open-Source Intelligence
Security practitioners can suffer alert fatigue and being overwhelmed with the volume of alerts and threats can make it hard to prioritise. AI tools can assist in automating decisions and remediations, detecting endpoint security breaches and automatically responding. Some fascinating cases were presented including intelligence systems that predict and detect criminal activity across the globe.
Governance and Risk Reduction
How many businesses have a cyber security strategy? What plans are in place now and how are they evolving as things change? Do businesses understand their responsibilities for customer data and do they understand their most important assets to protect (their Crown Jewels!)
The current threat landscape, an atmosphere characterised by increasingly sophisticated attacks and where Ransomware is escalating in terms of its effectivity. With double extortion ransomware causing chaos for organisations, new means of preventing critical damage are needed.
It’s an ongoing conversation, we’ll make sure to update as we learn more!