IT'S TIME TO MODERNISE CYBERSECURITY

The rules have changed and the bad guys have gotten smarter

What Ingredients Make a Modern Security Strategy?

Download Director of Strategy & Architecture, Customer CISO, Sekuro, Lee Roebig’s article “It’s Time We Modernise Security” and learn:

  • Current trends in cyber threats
  • Why our way of thinking about cybersecurity needs to be updated
  • The ingredients that make up a modern security strategy

Addressing the expanded attack surface

Making security perimeter-less

Enabling secure digital transformation

Modern defences for modern threats

Leading with an identity-driven access strategy

The Old Way Isn't Cutting It

Increase in frequency of breaches

Source: Verizon’s DBIR report

Global average cost of a data breach in 2024

Source: IBM

Projected total data breach cost in 2025

Source: IBM

Cybersecurity tools are increasing and becoming more accessible. So why aren’t breaches reducing over time?

For one, the attack surface is far larger than before, making systems, data, and users much harder to protect.

To address this, it’s time to modernise our security strategy.

Why isn't the old way working anymore?

Over-restrictive measures can backfire

The bad guys have gotten smarter

Overly complex security architectures cost more in the event of breach

"Modernising cyber security strategies is about finding the right balance between encouraging innovation, keeping things running smoothly, and building robust defences against the ever-growing range of cyber threats. It’s about being secure, adaptable, and seamless all at once."

Download Director of Strategy & Architecture, Customer CISO, Sekuro, Lee Roebig’s article “It’s Time We Modernise Security” and learn:

  • Current trends in cyber threats
  • What it means to have a modern security strategy
  • Why our way of thinking about cybersecurity needs to be updated
  • The ingredients that make up a modern security strategy

What was 2024 like?

Top 3 self-reported cybercrime types for business:

  • email compromise (20%)
  • online banking fraud (13%)
  • business email compromise fraud (13%)

System Intrusion, Social Engineering and Basic Web Application Attacks represent 95% of breaches in APAC.

Global average cost of a data breach: USD 4.88 million

63% of organizations plan to increase prices following a data breach to pass the cost along to customers.

Looking back on 2023 in Cyber Security

It’s 2024 and we now have the benefit of hindsight to look back at 2023 and see what we can learn. The highlights for me were:

  • According to the Australian Signals Directorate (ASD), the top 3 causes of cyber incidents in Australia in 2023 were email compromise, business email compromise fraud and online banking fraud.
  • From Verizon’s DBIR report, we can see that Australia Pacific’s top patterns, observed in over 93% of breaches, were Social Engineering, System Intrusion and Basic Web Application Attacks.
  • From IBM’s Cost of a Data Breach report, we see that data breaches have gone up in cost by 2.3% (finally something below inflation!). However, over a 3-year period the cost has increased by 15.3%, an annual average of 5.1% (still below inflation though).
  • 57% of companies increased the costs of their goods/services after a breach, passing the costs onto consumers.
  • It takes 277 days on average to identify and contain a data breach.

So overall, we see things are the same or getting slightly worse. Is it because organisations aren’t spending enough? I don’t believe that’s the case. Gartner has shown that globally, organisations spent 14.2% more on cyber security than the previous year.

Executives are no longer asking “Why do we need to spend money on cyber” and are instead asking “How much money do you need to reduce our risk?”

The support is there, and the money is there too.

So why are breaches not reducing by the amount we’re spending? Why is it still the basics like email compromise, web application attacks and social engineering that are getting us each year?

I believe it’s because our systems, users, data, and assets are much harder to reach and protect than ever before. The perimeter has expanded, our attack surface is far larger and many of our existing technologies/security controls just cannot keep up. To address this, it’s time to modernise our security strategy.

Our security strategy must embrace and adapt to the modern technology world and threat landscape, and we must enable secure digital transformation.

What does ‘modernising security’ mean?

Modernising security means understanding and accepting that our organisations have evolved. In today’s world, data, users, and devices operate without the constraints of time or location. There’s a constant risk of attackers getting inside our SaaS, PaaS, IaaS, User Endpoints, and on-premises systems at any moment, challenging the traditional idea of securing a fixed perimeter.

It’s crucial to recognize that technology initiatives are no longer limited to IT departments, and valuable data can be found outside secure data centres, sometimes in less secure places. Unlike the past, applications are no longer solely housed in data centres; they are spread out. Modern security should align with the goals of digital transformation, supporting progress instead of creating obstacles.

In summary, modernising security is about dealing with a much broader range of potential attacks and adapting to the fact that organisations now seek more freedom than ever in their operations. It’s about securing data, users, and technology in a world that’s constantly changing and interconnected far and wide.

Why do we need to modernise our security?

Australian organisations need to update their cyber security strategies to keep up with the ever-changing digital threats. The old-school approach of treating our digital space like a castle with walls isn’t cutting it anymore. The rules have changed, and the traditional defences that used to work well are falling short against today’s savvy cyber adversaries.

A big reason for needing a more modern security strategy is that simply shutting down innovative business technologies or restricting access can backfire, turning security into a roadblock for business. This leads to the risk of losing a security team’s most important defensive weapon – which isn’t a tool or technology – it’s their power of influence within an organisation. In today’s world, where collaboration and innovation are key, being too strict with security measures can slow down business growth, make it harder to implement controls and slow down business cases to adapt to new cyber threats – which we can simply no longer afford.

Turning security into a roadblock for business... leads to the risk of losing a security team’s most important defensive weapon – which isn’t a tool or technology – it's their power of influence within an organisation.

On top of that, the bad guys have gotten smarter, and dealing with the complexity of old security methods is leaving organisations vulnerable. Complexity is security’s worst enemy (next to attackers of course), because too many alerts, constant patching, and dealing with outdated tech make our security architecture confusing. This not only makes it harder to spot threats in reasonable time but also increases our operational costs and reduces our ability to enact positive change. Studies show that sticking with overly complex security architectures can cost organisations around 31.6% more in the event of a data breach, adding up to a hefty USD 1.44 million burden.

Modernising cyber security strategies isn’t just about using the latest tech; it’s a strategic must-do. It’s about finding the right balance between encouraging innovation, keeping things running smoothly, and building robust defences against the ever-growing range of cyber threats. It’s a shift towards being proactive, flexible, and covering all the bases to handle the dynamic digital landscape in Australia, ensuring that organisations stay resilient against the constantly evolving world of cyber challenges. Essentially, it’s about being secure, adaptable, and seamless all at once.

The ingredients of a modern security strategy

So what ingredients do we need in our recipe to cook up a modern security architecture & strategy? Below are the ingredients/themes we think organisations should look to in 2024 and beyond. These are high level explanations only and we’ll be expanding upon each in upcoming content:

Closing Words

The ever-shifting conditions of cyberspace undoubtedly represent challenges for many organisations’ cyber security teams, but they also represent enormous opportunity. Controls that were previously difficult to implement, such as application control, network segmentation, external remote access, identity governance and cloud workload security, have become possible and far easier to implement than ever before. We see Artificial Intelligence having real, tangible value in increasing defences around risk scoring and efficiencies in threat hunting – meaning cyber security teams can do more with less. To top it all off, we are seeing that security can make the user experience more seamless for an organisation with reduced cost and complexity – something nigh impossible in the past without added risk. The time is now to implement a modern, robust security architecture – for it is now within reach of any organisation of any size.

Lee Roebig

Director of Strategy & Architecture, Customer CISO, Sekuro

Lee is an experienced cyber security professional with 17+ years in the technology industry. He has previously worked in cyber security leadership and architecture roles inside multiple global organisations prior to joining Sekuro. At Sekuro, Lee helps clients with cyber security strategy, Zero Trust, Virtual CISO, mentorship, executive advisory and security architecture. He has worked with numerous clients on cyber security strategies across industries such as health, insurance, construction, manufacturing and leisure, including multiple ASX-listed companies.
