Aligning cybersecurity plans to business challenges was a hot topic at the recent ACSC (Australian Cyber Security Centre) Conference in Canberra, Australia.
On my recent tour of the region, I joined our regional Australian team to help increase Carbon Black’s involvement and impact on the Australian (and greater cybersecurity market.) The ACSC and the ACSC conference is front and center to the changing cybersecurity mandates in Australia and surrounding regions.
During the event, I continued my analysis and investigation on the growth of global security regulations, which will continue to affect business planning, spend, and investment around IT and security policy.
The ACSC event is positioned as a government-centered security conference featuring leading cybersecurity experts from Australia and abroad, gathering to discuss and promote information on the latest threats, mitigations, and advances in cyber security.
Additionally, many discussions featured in-depth reviews of the technologies and frameworks being developed to help businesses understand, mitigate, and remediate security problems and threats within their infrastructures.
Our own Brett Williams hosted a technical session on these technologies during day two of the program, featuring insights on how to remedy the threat posed by default volume shadow copies. His session was very much in synch with the theme of the event, which not only divulged the problem, but offered steps security teams can take to help respond and remedy the threat.
As with many other cybersecurity conferences, many current issues, threats, and exploit techniques were discussed. What made ACSC different was that there was much content focusing on how to address problems and how to measure security risk, including steps organizations can take to position themselves closer to their security objectives.
This was a refreshing divergence from many of the events I attend. It’s easy to get bogged down in the weeds and become polarized on the multitude of dangerous threats to our cyber identities, our businesses, and our general virtual existence. There is also a vast amount of noise within our industry from vendors, organizations, and community bodies that focus on the state of the cybersecurity marketplace. It was refreshing to attend an event that focuses on offering some steps to help make progress towards better cyber security posture and presence a reality.
Australia’s maturity and attitude around cybersecurity is impressive and, in terms of the development of mandates and strategies to provide solutions and security risk measure, I would consider the region a frontrunner in the market.
One session on that topic was an update session from the ASD featuring updates to the ISM mitigating strategies, the Information Security Registered Assessors Program (IRAP) program and certifying the cloud. With Australia’s cloud initiatives (and, for that matter, the global focus on security within cloud solutions,) this session was particularly timely and valuable.
After the session, I caught up with Melissa Osborne, Director of Cyber Security Industry Partnerships, Cyber Security Division at the ASD. She shared some interesting insight into the development of cybersecurity initiatives promoted by the ASD that are moving forward within the region.
I’ve stated in previous posts that Carbon Black promotes the idea of implementing a security mitigation baseline as a good first step toward moving toward a better security posture, but the ease which businesses can implement these baselines will make or break their cybersecurity program.
Carbon Black’s Event Stream Processing technology, streaming prevention, fits very well into the mold of helping address the security themes at the ACSC event as well as strategies discussed by the ASD. The focus on applying thresholds, risk, and priority to security events is of paramount importance in hitting the objectives of current threat-mitigating strategies. This was a common theme during the ACSC event, and it’s becoming increasingly more common at many cybersecurity events lately.
We should keep a close eye on cyber developments across Australia and the South Pacific, especially the work being done by the ASD. When it comes to cybersecurity and the ever-growing list of data security and protection mandates, there is much we can gather from the security-control recommendations found within the ISM.
The ACSC event was a great example of the mindset with the region – one that recognizes and addresses the threat, but also develops ways to remediate and measure the problem. Carbon Black will continue to do its part and work diligently with organizations such as the ASD, and others throughout the globe, advocating strategies to help organizations measure their security posture, get a grip on their security policy, prioritize their solutions, and get another step closer to a world safe from cyber attacks.