Last Thursday, 19th March, iQ3 hosted its quarterly Executive Roundtable at Blackbird Bar & Grill in Brisbane, Navigating Cyber Security – Strategies to enable resilience & confidence within your organisation. Guests enjoyed an insightful and informative discussion around the unprecedented importance of cybersecurity and strategies, particularly in today’s turbulent economy and widespread uncertainty.
Just hours before business lockdown, cybersecurity expert Mike Younger, Director, Digital Trusts, PwC dropped in to share his knowledge and experience around the security industry. Younger’s experience at leading firms, Data #3, EY among other boutique security start-up businesses has allowed him to achieve a well-rounded and well-informed view of how businesses can minimise their risk to enable a secure and streamlined workplace.
Among recent COVID-19 related phishing scams in addition to remote working conditions implemented by the government, organisations are required to be proactive in preparing themselves for what’s to come. Younger emphasised the need for organisations to make technological changes to enable remote work without sacrificing the integrity of the business and mission-critical data.
Currently acting as CISO for two utilities in Brisbane, Younger highlighted the importance of the protecting the intellectual property of the business. Whilst malware and phishing are huge security risks, businesses should not neglect the weight and value of their internal information, viewing it as the ‘life blood of the organisation’. As schools, hospitals and research entities continue to spend more money on progressing research, it is critical that this information is safely stored and protected to avoid copyright concerns, namely those centred around larger nation states.
‘Knowing what information sits where and strengthening the controls around your assets’ was a key recommendation made by Younger, labelling ransomware as a fairly small price to pay compared to your organisation’s material wealth. On average, it takes around 180 days to detect a security event, therefore educating employees around these unprecedented risks and creating a culture focussing around security can assist in protecting your organisation in the long-term.
While workplace mobility is currently driving business operations, implementing the infrastructure to support remote workers and prevent the potential for ‘weird’ behaviour resulting from various IP addresses is crucial for businesses moving forward. As the public cloud leaves organisations even more susceptible to cyber threats, Younger suggested five strategies for businesses to reduce their risk and successfully support your organisation though these pressing times:
- Implement a cultural security awareness program which utilises behavioural theory (such as System 1 and System 2 thinking), disrupting employee auto pilot through interruptive measures
- Minimise the consequence of an incident and downtime through measurable and effective incident response and management
- Effective monitoring alerts through a security operations centre, providing real-time alerts and implementing strict protocol illustrating the steps to effectively escalate threats
- Creation and use of governance tools including Information Security Management Systems, detailing strategies and governance and steering committees
- Know your assets and crown jewels. You cannot protect everything, know what has the biggest impact to your business and build stronger controls around those assets.
For more information iQ3 Cyber Security services or to register your interest to attend one of our future events, email firstname.lastname@example.org