If you want your company to have a future, you need a cybersecurity strategy

Business Insider has partnered with Palo Alto Networks to bring you excerpts from Navigating the Digital Age, the definitive cybersecurity guide for
directors and officers.

Organizations all over the world rely on Palo Alto Networks to detect and prevent advanced cyberattacks while safely enabling applications. To protect your organisation, visit www.paloaltonetworks.com.

Navigating the Digital Age is a cybersecurity guide for company directors and decision makers. This introduction highlights the importance of cybersecurity and why companies need to urgently think about putting preventative measures in place.

For years, organisations have been spending valuable capital on check-box cybersecurity products that focus on narrow cyber risks or the specific ‘threat-du-jour’.

Their IT departments cobble together products and services from one legacy vendor to the next with little strategic planning or thought about what the business core risks are. And they hope that their mountain of legacy technology is updated often enough to provide some defence against the fear, uncertainty, and doubt being spread about cyberthreats in the daily headlines.

However, with the number and severity of breaches on the rise around the world, this approach to cybersecurity clearly isn’t working today. What may seem like fearmongering is in fact a new reality: the falling price of computing power has allowed cybercriminals to launch low-cost, low-risk attacks yielding high returns.

Hacker toolkits—easy-to-use, highly effective malware that’s growing in popularity—enable novices with minimal technical knowledge to understand your digital environment better than you do, and breach your increasingly expensive and complex legacy cyberdefences.

The traditional answer to these challenges has us stacking legacy technologies one on top of another, requiring more human operation to function because these point products were never designed to interoperate or share information.

Sean Duca. Photo: Supplied.

Rather than protecting us, these additional layers force organisations to feed threat information into individual tools, analyse what is happening, and then take action—slowing down the ability to keep up with attackers as they go deeper into our networks.

With the rise in successful cyberattacks, cybersecurity is becoming an increasingly strategic concern that threatens the foundations of enterprise value for business leaders in Australia and the Asia Pacific region.

Australia is a significant target for a range of cyberadversaries because of the country’s prominent role in the region, its dependence on information communication technologies, and its expertise in research, manufacturing, and technology—factors that will only increase in the future.

In fact, a recent report1 by the Australian Cyber Security Centre predicts that cybercrime activity will continue to increase over the next five years, despite efforts by many governments and security organisations to combat these criminals.

No leader wants their organisation to be splashed on the front page of a newspaper due to a cybersecurity breach, hurting their reputations and profitability, and undermining their business model, but this is the reality we face today.

It’s time for a new approach to security. In order to beat the attackers, we have to move beyond technical point product solutions, towards shifting the economics of attackers. By deploying defences to protect what is of most value to companies (and attackers) and increasing the speed and integration of our defence, we can slow down and potentially deter attackers by reducing their profit motive.

A recent study2 conducted by the Ponemon Institute3, a privacy, data protection, and information security policy think tank, revealed that two-thirds of the threat experts surveyed say that attackers go after the easiest targets first, quitting if the organisation has a strong defence.

This suggests most hackers are looking for a quick payday. The data also shows that if a firm can hold off a breach for less than two days (40 hours), the majority of hackers will move on to another target.

How then can you forestall and thwart an attack?

Sean Duca is the Vice President and Regional Chief Security Officer of Palo Alto networks.

To continue learning what you and your organisation can do to detect and prevent advanced cyberattacks, download Palo Alto Network’s definitive cybersecurity guide for directors and officers, Navigating the Digital Age.

Works Cited

1. https://www.acsc.gov.au/publications/ ACSC_Threat_Report_2015.pdf
2. http://www.ponemon.org/library/ flipping-the-economics-of-attacks
3. http://researchcenter.paloaltonetworks. com/2016/02/for-cyberattackers-time-isthe-enemy/

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.