Robust cyber defences need strong collaboration
Cyber security threats are increasing in volume and sophistication. (Getty)
In Australia, there is one cyber attack every eight minutes. Our adversaries are becoming more prolific and more sophisticated. And they don’t play by the rules.
For cyber security professionals, in all industries, that puts us at a disadvantage because we must defend and abide by those rules – we have to operate within the parameters set by our organisations, within ethical boundaries and within the law.
That’s why it’s vital that players across the cyber security ecosystem work together to harness our collective strengths.
We must step up collaboration efforts in order to protect our shared set of customers – whether they be citizens of Australia, or any country in the world – from criminals and the other attackers that threaten us all.
When I reflect on the progress we’ve made, I think back to July 2003, when Westpac was hit with its first phishing attack. It was a ghost website mirroring our own, asking customers to enter their details. There was nothing sophisticated about it – it was clearly a poorly constructed website – but we’d never seen anything like it before, and it proved frustratingly hard to get rid of. Within a matter of weeks all of Australia’s big four banks had experienced similar attacks.
Very quickly, we convened a first meeting of chief information security officers across Australian banks, to compare notes and discuss plans of action. It was clear by that point that this wasn’t a one-off, and that we had to work together in response.
The attacks we see today are much more advanced, but so is the level of collaboration that we have managed to achieve since those early days. Among the banks and across industry sectors, we now meet a few times a year, backed by other informal real-time sharing networks. We work closely with the police, government agencies including the Australian Cyber Security Centre, and industry bodies.
Ransomware attacks are on the rise. They work by locking up or encrypting your files so you can no longer access them. A ransom, often in the form of cryptocurrency, is demanded to restore access to the files. (Getty)
The response to major cyber attacks, including the NotPetya and WannaCry ransomware incidents of 2017 and the Log4j vulnerability of 2021, were significantly enhanced by this global collaboration across governments, corporations, and security researchers. During incidents like these, you can never have enough friends.
Still, we cannot rest on our past successes.
The volume and severity of the threats we face is increasing. We must continuously improve information sharing among organisations in the early stages of a potential incident and throughout: minutes matter and every detail could be critical.
Collaboration is key at all levels – whether it be internally across our organisations, across industries, or between countries. We’re best when we bring diversity of thinking to bear against a common challenge, adopting the mindsets of both the defenders and the attackers (and everyone in between) to test our defences regularly.
And at the core of every organisation lies our biggest strength: our people. If they are equipped with the right education and awareness and the right tools, they can be our greatest sensors. If we can help them build great cyber habits at work, it’s our hope that those habits will also protect them at home, and help them help their friends and family as well, lifting the cyber awareness and capability of our communities at scale.
It’s crucial that we work hard to collaborate with our customers and the communities where we operate. For Westpac, that’s translated to our support for IDCare’s Cyber Resilience Outreach Clinics, which go out to remote communities to empower people with simple steps they can take to stay safe from cybercrime. We also partner with Grok Academy on the Schools Cyber Security Challenges program, which gets cyber security onto the curriculum, and hopefully inspires young people to consider a career in the sector.
We’ve also worked with the ACSC to publish a cyber security playbook for businesses, to help people develop their own incident response plan.
Collaboration and network building is key to squaring up the asymmetric advantages that the enemy has against us. It helps us to bring scale and corporate capability to the problem. Against a common enemy, only a coordinated defence makes sense. Our experiences have proven that we are at our strongest when we work together.
This is an edited version of a speech given by Richard Johnson to the Financial Services Information Sharing and Analysis Center.