Time is the new currency in cybersecurity: how Aussie businesses can avoid losing it to hackers

In the ever-evolving world of cybersecurity, time has become the new currency. As the 2023 Cost of a Data Breach (CODB) Report reveals, the ability to detect and respond to cyber threats swiftly can make all the difference for Australian businesses. But this is no small feat, at a time when cybercriminals have reduced the time needed to deploy ransomware from over two months to under four days.

We know hackers are innovating ways to speed up their attacks and gain deeper access to ever-evolving modern technology and high-value data, using automation and as-a-service models to maximise their ROI. Amid this race for time, organisations need to start considering how innovation will play a role in evolving their cybersecurity response.

Businesses from across different sectors often talk about and consider innovation as a core difference to their competition, but this approach is often lacking when it comes to their cybersecurity policies and practices — with some employing principles that could be considered monolithic.

So, while simplification has been at the heart of many recent IT transformation programs, how does that translate in the realm of cybersecurity? We must ensure we take a simplified approach to security to deliver speed, scale and visibility at lower costs across the whole economy.

To achieve this, we must develop and maintain globally recognised technology standards through public-private collaboration.

A rapidly expanding attack surface

The attack surface cybersecurity must contend with has undergone a profound expansion in recent years, with the proliferation of workloads and users accessing them becoming more and more disconnected from corporate networks. In fact, it will only continue to grow as organisations further advance their multi-hybrid cloud journey and invest in AI.

Hackers continue to be sophisticated, innovating and employing advanced techniques to breach today’s business environments. In fact, the breach investigations have become so complex today that the highest cost of breach incurred by Aussie businesses is in the detection and escalation stage (AU$1.68 million). This cost is then followed by post breach response (AU$1.21 million) and then the notification stage (AU$0.18 million).

The CODB 2023 report emphasises that early detection and rapid response are key to minimising the impact of a breach and the financial burden it imposes. In a world where infiltration can be done in seconds, how can we continue to live with this time magnitude in our collective response?

The rising cost of cyber breaches

The average cost of a data breach in Australia this year has reached another record high, of AU$4.03 million.

Australian organisations’ losses aren’t just monetary, there’s also the immeasurable lost trust from customers, partners and stakeholders.

The role of AI and automation

Analytics with AI and automation are emerging as the most reliable investment in terms of impacting the time deficit to attackers. The CODB report indicates that these technologies have the most significant impact on the increase in speed of breach identifications and containments — ultimately bringing down costs. It’s an indisputable fact that computers are just more capable than humans of being able to process large amounts of data and identifying signals amongst noise, and we need that insight delivered accurately to humans to empower and accelerate accurate decisions.

This is no different in cybersecurity: AI-driven threat detection systems can analyse vast amounts of data in real time, identifying anomalies and potential threats with unprecedented speed and accuracy. Automation can take manual processes off people, by executing predefined actions against connected systems, isolating compromised systems and mitigating threats before they cause damage. You can deliver more scale with speed and accuracy, allowing your human workforce to focus on high-value, critical tasks.

Thanks to new technology adoption, organisations in ASEAN have successfully cut breach lifecycles by 99 days and reduced data breach costs with the extensive use of security AI and automation. This is just the beginning of an evolution that will result in revolution. If we are to become a more cybersecure nation by 2030, we must increase collaborative, standards-oriented innovation and embed this as a continuous process across the economy.

Tips for Australian businesses

So how can Australian businesses enhance their cybersecurity posture and avoid falling victim to sophisticated hackers? Here are some actionable tips backed by the CODB 2023 findings:

1. Addressing ransomware

Ransomware attacks continue to plague organisations worldwide. Businesses need to make sure their number one priority is that they can recover. To provide protection, they must regularly update their systems and educate employees about the dangers of phishing and suspicious attachments as their first line of defence.

2. Leveraging law enforcement intervention

Collaboration with law enforcement agencies can be a game changer in the fight against cybercrime. Sharing threat intelligence and working closely with authorities can help law enforcement to quantify impact and invest in justice — and in turn provide a trusted notification mechanism for industry to act.

Businesses should establish relationships with local law enforcement agencies and participate in cybersecurity information-sharing initiatives. This proactive approach can deter hackers and increase the chances of apprehending those responsible for breaches.

3. Closing detection gaps

It is important for organisations to conduct thorough security assessments to pinpoint weaknesses in their digital infrastructure. Continuous automated and ongoing scanning, testing and monitoring can help detect and address potential weaknesses before they can be exploited by hackers.

4. Leveraging the DevSecOps advantage

DevSecOps, the practice of integrating security into the development and operations processes, offers a proactive approach to cybersecurity. By embedding security measures throughout the software development lifecycle, protections can be organic in deployment, vulnerabilities can be identified and remediated before deployment, and the availability of security data and analytics can help to quickly detect attackers in the early stages of exploitation. Leveraging leading cloud or platform providers to deliver the same capability will further decentralise risk from a slow and monolithic approach.

Conclusion

In conclusion, the above insights and statistics serve as a wake-up call for Australian businesses to recognise the critical importance of time in cybersecurity, to prioritise early detection and rapid response as a means to gain time back from the attackers.

We need speed, scale and accuracy in all cybersecurity — like never before. By embracing AI and automation, Australian businesses can fortify their cybersecurity posture from the relentless onslaught of cyber attacks. We must deliver this transformation and innovation today, as without it these numbers won’t get better as widespread use of AI and the emergence of quantum computing deliver another step change in capability to both sides.

*Chris Hockings is the CTO for IBM Security Asia Pacific. He represents the IBM global security strategy and vision across the region and in doing so engages with leaders across government, industry and partnerships. Chris has been a leader across all facets of software, including global research and development, support, service and market engagement.

Top image: iStock.com/Remitski