Digital Business

Macquarie responds to Aust Govt cyber security moves so far

THE FEDERAL Government published industry responses for reforms to Australia’s cyber security legislation on Thursday, including those from Macquarie Technology Group, AWS, CyberCX, AISA, Tech Council of Australia, Telstra and others.

In its submission, the Macquarie group calls for the creation of a co-regulatory industry group modelled on the existing Communications Alliance, which it says will foster collaboration with the Australian Signals Directorate and National Cyber Coordinator.

The company also called for smaller businesses not to be exempted from reporting rules, enabling better threat intelligence sharing to support smaller businesses in that regard. Macquarie further called for the government’s proposed Cyber Incident Review Board (CIRB) not to be modelled on the Australian Transport Safety Bureau (as has been suggested), and for business-critical data to be regulated under the Security Of Critical Infrastructure (SOCI) Act, not the Privacy Act.

Other key points raised in the Macquarie submission included not limiting ransomware reporting obligations to businesses of a certain size or threshold; including small businesses in the regulatory process so that threat sharing would be made simpler; the suggestion of what it called a new Cyber Alliance Board to boost collaboration; the Federal Government taking a lead from other co-regulatory approaches, such as those used in the telecommunications sector; and looking at other models both national and international. 

In its submission Macquarie gave its views on each of these areas:

“Macquarie is however concerned about limiting this [ransomware] reporting obligation to businesses of a certain size or threshold. This concern is twofold. Firstly, Macquarie repeats its general concerns regarding exceptions to cyber security standards. In order to close the gaps in our current legislative and regulatory framework for cyber security (an aim of the Paper), we need a fulsome legislative response rather than have specific businesses not subject to the regimes.

“Macquarie submits that the way to assist small businesses and the perception that they may not be in a position to absorb the additional regulatory burden imposed by a new reporting obligation is to make the threat sharing as simple as possible.

“We strongly acknowledge the importance of this collaboration [between the ASD Cyber Coordinator] and have considered the issue in detail and suggest that Government consider the establishment of a Cyber Alliance Board to assist this objective.

“To best achieve outcomes while working together we suggest the Australian Government look to other co-regulatory approaches to support and encourage industry self-regulation as models for best practice. The telco sector in specific, which is a related field (with technology, data and connectivity being at the core), provides a useful precedent for co-regulation.

“The co-regulatory model, or Cyber Alliance Board, could focus specifically on co-regulatory and legislative matters while keeping the existing [Trusted Information Sharing Network] TISN, industry and security discussions separate. For example, the current SOCI reviews the subject of this paper and those scheduled for 2025 would clearly benefit from a legislative guidance from key cyber industry stakeholders. 

The United States’ Cyber Safety Review Board (CSRB) is a potential model [for the CIRB]. However, we disagree that the Australian Transport Safety Bureau (ATSB) is a precedent that should be followed. The ATSB was formed on 1 July 1999 and it investigates transport safety matters. This is a very established area with known and recognised risks and solutions which have been drawn from decades of research and data. Cyber is far less known.

“We have heard some feedback from members of industry that the best place for regulating business critical data is the Privacy Act. We strongly disagree. The Privacy Act does not provide guidance and regulation on how to best store data and respond to breaches. The SOCI regime does. The Government must look beyond an individual rights approach which the Privacy Act provides.”

Macquarie’s full submission can be read here.



AI is the ‘defining’ tech trend in 2024 say Aussie IT leaders

MORE THAN two-thirds of Australia’s top tech leaders say artificial intelligence (AI) is on track to be the defining technology trend for 2024.

That is the conclusion of research just released by the Tech Council of Australia (TCA) in partnership with Datacom. The report also highlights key growth opportunities and challenges.

TCA acting CEO, Ryan Black said, “With continued AI innovation and adoption seen as the defining tech trend of 2024, Australia needs to make sure it creates the right environment to capture the huge economic and productivity benefits. Generative AI alone has the potential to add up to $115 billion to the Australian economy annually by 2030. 

“This rapidly evolving technology can drive economic value through two main channels: improving existing businesses through productivity and quality gains, and creating new products and services.
“While increasing awareness will help drive AI innovation and adoption, it will need to be coupled with greater regulatory certainty and a clear national plan for growing Australia’s AI capabilities. The 2024 Federal Budget provides an opportunity to continue this important work,” Mr Black said.

“Tech leaders have also rated cyber security as an ongoing area of focus. Major cyber attacks and data breaches in recent years have demonstrated the urgent need to uplift cyber resilience.

“This will require sustained and ongoing action by governments, businesses and the broader community.”


Tech leaders look to quantum and space

The survey results also demonstrate the tech sector is thinking ahead to other emerging technology trends on the horizon. Nearly one-in-six tech leaders surveyed think deep tech areas such as quantum and space could overtake AI as the defining tech trend for 2024.

“While AI is absolutely front of mind, the results show that emerging technologies in lesser-known areas of the tech sector may become dark horse trends this year,” Mr Black said.
Datacom Australia managing director Alexandra Coates said, “We know tech adoption comes in waves, and at any point, a single form of technology can gain prominence fast.

“Advances in deep-tech areas like quantum technology and space are on the horizon, but as technology progresses, cyber security threats will continue to affect businesses, and therefore, a stronger emphasis on data protection solutions, such as zero-trust architecture and security, will be a priority for our country's top tech leaders,” Ms Coates said.

The report also notes the role Australia’s tech sector plays as it continues its trajectory of growth as a significant part of our economy and emphasises the need to support scaling companies to ensure they can retain local talent and grow in a small market.
“It is great to see that insights from the report reflect the optimism of our tech sector and its significant contribution to the economy,” TCA’s Mr Black said.
“Australia’s tech leaders see the potential for growth and the opportunity from AI and emphasise Australia’s key strengths as a tech sector, including great local talent, collaborative working culture and a great lifestyle. However, our tech leaders are honest about some of our biggest challenges, noting Australia is a small market, which can hinder opportunities for growth and create the need for international expansion for many Australian companies.”
“Importantly, many of these challenges are shared across the economy and with government, which highlights the continued need to work together with the tech sector and government on ways to support and harness our scaling tech companies and ways for greater tech adoption across the economy.”

Key insights:

  • More than two-thirds of tech leaders expect AI to be the defining technology trend for 2024.
  • 1 in 6 surveyed tech leaders think deep-tech areas such as quantum and space can overtake AI as the defining trend of 2024.
  • 50% of respondents identify overseas growth as a priority and number one opportunity for 2024.
  • 67% of tech leaders see Australia as distinct, with a special set of strengths and weaknesses compared to Silicon Valley (i.e. other tech hubs).
  • Overwhelmingly, more than 61% of respondents said the number one change that would positively impact tech sector growth in 2024 would be to introduce tech adoption or investment incentives.
  • More than 50% of tech leaders have an impact or Environmental, Social and Governance (ESG) strategy in place.


Technology leaders comment

In response to the Australian Tech Leaders Survey 2024 from the Tech Council of Australia and Datacom, a range of Australian technology leaders put forward their views.


Business should ‘be pragmatic’ about AI

Airwallex managing director and general manager for Australia and New Zealand, Luke Latham said, “There's obviously a lot of excitement about AI, particularly since it has been normalised with ‘generative’ use cases and the potential impact on internal productivity and product development, but businesses should be pragmatic about its adoption.

“AI’s efficacy will ultimately be determined by the underlying data to inform these tools. After all, its outputs will only ever be as good as its inputs, so investment in getting the foundations right is vital, without that businesses will struggle to yield these aspirational results.

“The current economic climate has seen focus and recalibration in corporate and labour market dynamics and 2024 will be no different than the prior year – investments in operational excellence and people will wield the most compounding impact on businesses in 2024.

“Organisations should be focused on fostering a strong, purpose-driven culture which aligns the workforce with the company's core values and drives innovation.”


Generative AI can transform task management 

Learning and development content platform, Go1co-CEO, Chris Eigeland said generative AI (GenAI) would transform the management of daily tasks.

“GenAI and immersive experiences will have a significant impact on our lives this year, both personally and professionally. GenAI will transform how we manage and complete our daily tasks, which will galvanize our creative energy and unlock new learning experiences.
“GenAI will redesign how we work – shifting from software as the ‘librarian’ of our information to software as our ‘advisor.’

“With Apple now entering the spatial computing market, it is now impossible for companies to ignore the immersive environment – and as the affordability of headsets improves, learning and training on the job is a prime area to watch. Immersive learning will be key, as it facilitates new ways of learning through different formats, styles, and modalities.

“These two leading trends will force trust and integrity technology to emerge in the coming year. Verifying the authenticity of content will become increasingly difficult and new players will emerge to match the threat.”

Stepping beyond machine learning

Residential and commercial real estate platform innovator REA Group’s chief product and audience officer, Melina Cruickshank said AI was the logical extension to the machine learning systems the company had been developing and utilising for many years.

“I’m not surprised to see AI and cyber security at the top of the list for 2024 tech trends.AI offers significant opportunities for businesses and at REA we continue to heavily invest in implementation and experimentation as the technology develops.

“Machine learning has been a key enabler of’s consumer personalisation strategy for many years and the next step as we further leverage AI to add value for our customers and enhance our consumer experience is exciting.
“Millions of people turn to every month and new technology allows us to make a genuine difference in how Australians buy, rent, sell, and finance property. We must not forget that although AI has the power to drive innovative product development, along with greater productivity for businesses, it’s my view that the supreme creativity of humans will still have its place.
“As technology advances, cyber security and data privacy must remain at the top of the priority list for all organisations. Rising expectations from consumers and increasing privacy obligations mean we need to look beyond our direct operations when we think about risk mitigation.

“We know anyone can be targeted, and investing in these areas remains a top priority for REA and should be so for all businesses."

Financial services platform sees AI as a security aid

Real-time, account-to-account payments infrastructure innovator Zepto CEO, Chris Jewell said both AI and better payments technologies will develop to improve the industry’s speed and reliability.

Mr Jewell said in terms of AI, “Working together as an industry to drive down the unacceptable level of scams and  raud targeting Australians continues to be front and centre for us as a financial infrastructure business.

“I expect this year we will see further innovations in AI used to help the industry fight this fight.”

“From a payments technology perspective, we’re going to see momentum and growth in real-time payments, particularly in regards to PayTo. Towards the end of last year, a 2030 retirement date was set for the country's legacy direct entry payments workhorse, BECS.

“Having that line in the sand has been a catalyst for vital conversations about transitioning to modern digital payment alternatives that will create more value for our economy, for businesses, and consumers.”


Infoblox exposes cybercrime group VexTrio operating a huge criminal affiliate program targeting Australia

INFOBLOX has released new research unveiling a set of large-scale malicious cybercriminal partnerships led by VexTrio, the group cybersecurity specialists refer to as ‘an insidious threat actor’.

The partnerships involve a more than 60-strong underground affiliate network and are seeing high volumes of malware and other malicious content delivered to networks in Australia, New Zealand and across the globe.

Formed more than six years ago, VexTrio is now one of the world’s largest malicious networks targeting internet users today.

“While cybercriminals are often portrayed as gangs of hackers or lone brilliant coders, more often they buy and sell goods and services as part of a larger criminal economy,” Infoblox head of threat intelligence, Renée Burton said. Now operating in the commercial cybersecurity world, Ms Burton is a former senior executive (DISL) with the US National Security Agency (NSA).  

“For example, some actors sell malware services, and malware-as-a-service (MaaS) allows buyers easy access to the infrastructure necessary to commit crimes. These service providers also form strategic partnerships, similar to the way legitimate companies do, in order to extend the limits of their current operations.

“Such relationships are forged in secret and may include a number of partners, making them difficult to untangle and understand from an outside perspective.”

VexTrio acts as a cybercriminal broker and operates traffic distribution systems (TDS) that route users based on their device, operating system, location, and other characteristics to malicious websites.

VexTrio has largely evaded detection and strengthened its resilience against internet service providers’ efforts to suspend its assets, all while building up a unique ‘partner program’.

Key findings of report

The report has identified that VexTrio creates the single most pervasive threats in Infoblox customers’ networks, active in more than 50 percent of networks in just the last two years.

The threat actor acts as a broker of malicious traffic for more than 60 cybercriminal affiliates.

Partnerships tend to be longstanding and operate in a unique way, with VexTrio providing a number of dedicated servers to each affiliate.

Despite connecting millions of web users to malicious content for more than six years, VexTrio has largely evaded detection due to its successful business model that feeds on web traffic from its affiliates and has infrastructure built on compromised websites.

Two of its largest affiliates are ClearFake and SocGholish; malicious JavaScript frameworks that present website visitors with harmful content and inject malicious JavaScript into vulnerable websites, respectively. SocGholish is widely considered to be one of the top three global threats today.

VexTrio is a prolific domain name system (DNS) attacker and has more than 70,000 known malicious domains.

Drive-by compromise attacks

According to Infoblox, the most common attack method deployed by VexTrio and its affiliates has so far been the ‘drive-by compromise’, where actors compromise vulnerable WordPress websites and inject malicious JavaScript into their HTML pages. 

This script typically contains a TDS that redirects victims to malicious infrastructure and gathers information such as their IP address. VexTrio also operates SMS scams where it sells victims’ phone numbers to other cybercriminals.

“Although difficult to identify and track, blocking VexTrio at the DNS level can disrupt and protect against a large spectrum of cybercriminal activity,” Ms Burton said.

“This can be achieved through using tailored DNS signatures and statistical-based algorithms to identify VexTrio’s intermediary TDS servers and domains shortly after they are registered.

As Australian organisations look to raise their security posture in the wake of the new Cyber Security Strategy, it’s important to understand how DNS threat actors like VexTrio operate, particularly as more than 90 percent of malware depends on DNS at some stage of its execution.”

Infoblox specialises in uniting networking and security to deliver high performance and high protection at the same time. Many Fortune 100 companies are Infoblox clients as well as an ‘emerging innovators’ group for whom cyber security is evermore paramount. Infoblox promises “real-time visibility and control over who and what connects to your network, so your organization runs faster and stops threats earlier”.

The full report on VexTrio and its affiliate network can be found here.

Infoblox is also on LinkedIn and Twitter.




ASBFEO backs banking industry pledge to head off scammers crippling small businesses

THE Australian Small Business and Family Enterprise Ombudsman (ASBFEO), Bruce Billson, has welcomed the significant commitment announced today by the banking industry to "better support small businesses to combat scams".

Mr Billson said a $100 million upgrade across the banking sector to confirm who money is being paid to by matching names with account numbers will particularly benefit small businesses who too often fall victim to the invoice substitution scam. 

“Nefarious cyber criminals can wreak havoc for a small business but sadly the number of scams and the size of the losses for small and family businesses is growing,” Mr Billson said.

“When a criminal impersonates your business, it not only costs you and your customers money but can damage your brand and lead to a loss of consumer trust and confidence and the ability to operate. Too often, it can be an enterprise-ending event for a small business.”

Scamwatch data shows small businesses lost $13.7 million to scams last year, a 95 percent increase compared with the previous year. The biggest contributor to these losses were payment redirection scams.

Mr Billson said small businesses had been particularly vulnerable to the invoice substitution scam – also called payment redirection scams or business email compromise – where cyber criminals get into their computer system and intercept emails to customers and insert different bank account details.

“A small business sends an invoice to somebody and the criminal changes the banking details," Mr Billson said. "When it lands in the customer's inbox, it looks legit and is a bill they were expecting so they pay it. The money goes to the criminal’s bank account and is quickly shifted, usually to crypto currency, and is gone.

“These jokers run off with the money, the customer has done their dough, and the small business hasn’t been paid," he said.

“ASBFEO has been highlighting the urgent need for a ‘confirmation of payee’ scheme to be introduced in Australia, noting similar programs operate in other countries offering a really practical safeguard. This ensures people can confirm they are transferring money to the person intended and that names are matched to BSB and account numbers.

“Today’s pledge by the banking industry to roll out a new confirmation of payee system will go a long way to stopping scammers being able to divert invoice payments by simply and silently changing a bank account number.”

Mr Billson noted the package of measures announced by the Australian Banking Association and the Customer Owned Banking Association will apply to commercial banks, customer owned banks, mutual banks, building societies and credit unions.

It will include more use of biometric checks and other controls to prevent scammers opening fraudulent bank accounts in other people’s names by using stolen information from driver’s licences, passports and other identity documents.

There will also be increased warnings and payment delays for suspicious transactions, limits on high-risk payment channels, which can include crypto platforms, and greater intelligence sharing across the banking sector using the Australian Financial Crimes Exchange.

However, Mr Billson said beating the scammers relied upon everyone being at their best by doing what they can to tackle the scourge of cyber crime and to “listen to our Spidey senses if something doesn’t seem right”.

“Business owners wouldn’t leave the door open with the light on at night when there's no one there, so they must take the right steps and safeguards in the digital world,” Mr Billson said.

“Telecommunication companies are trying to do their bit via what's called a ‘clean pipes’ initiative, where they cut off a lot of cyber threat traffic through the telecommunications infrastructure.

“And just last week the Australian Government announced two programs offering small businesses practical help to minimise the chance of falling victim to a cyber attack and to better prepare them to bounce back."

Mr Billson said next week is Scam Awareness Week and an ideal time for small business owners to take a few extra moments to check they have appropriate safeguards in place.

“Scamwatch says three in every four scam reports involve criminals pretending to be people we should trust,” Mr Billson said.

The new National Anti-Scam Centre said small business owners who feared they had fallen victim should contact the Report a Scam website ( and dedicated resources to combat scams can be found at

The Australian Cyber Security Centre, through the website, provides resources and guides for small businesses on how to manage information and secure their businesses, including a free Cyber Security Assessment Tool that can help identify the cyber security strengths of a business and learn how to improve cyber security:

The website also contains information on how to recover and small businesses can report cyber attack incidents through 1300 CYBER1.

The ASBFEO website includes simple steps and a checklist to better protect small businesses:

ASBFEO's website also has a video offering tips which can be viewed at:




Cyber attacks and other key misconceptions that derail the cloud journey for small-medium businesses

By Josh McHugh-Cullen >>

MANY small to medium business (SMB) owners share a common misconception. In a world of rapidly accelerating cybercrime targeting enterprises, public infrastructure, and even governments, they often think they are far too small to entice hackers or cybercriminals.

On the one hand, cyberattacks on SMBs are unlikely to make the news in the same way that breaches impacting the personal details of millions of Australians will. However, that does not mean SMBs are immune to attacks.

Between July 2021 and June 2022, the Australian Cyber Security Centre (ACSC) received over 76,000 cybercrime reports. The average cost per cybercrime reported was over $39,000 for small businesses, $88,000 for medium businesses, and over $62,000 for large businesses. Unfortunately, SMBs are being targeted by threat actors, and the costs are significant. 

Cyberattacks are increasingly sophisticated and SMBs are being targeted because they are often viewed as easier targets than enterprises that are able to invest heavily in cybersecurity.

This means that SMB leaders need to prioritise cybersecurity in the most effective and cost-efficient way possible—which is migrating to the cloud and leveraging built-in, cloud-first security protocols.

Improved security is only one of the many benefits of the cloud for SMBs. Access to new business models, reduced costs, improved collaboration, and better opportunities for innovation are giving SMBs an edge in the competitive market.

Misconceptions are derailing the cloud journey for SMBs

Despite these benefits, some SMBs are still hesitant about the cloud. The most common concerns include:  

  • Security: SMBs often fear that cloud services might be more susceptible to hacking, data breaches, or unauthorised access compared to on-premises solutions.
  • Cost: while cloud services reduce costs in the long term, initial costs and ongoing subscription fees are sometimes believed to be more expensive than existing on-premises servers.
  • Customisation: out-the-box cloud services are built to cater to a broad audience, and this lack of customisation can be frustrating for SMBs that have unique processes or specific workflow requirements. 
  • Dependency: when a business moves its data and services to the cloud, it becomes dependent on the cloud service provider, creating concerns about business continuity and reliability. 
  • Compliance: SMBs might not be sure if the cloud provider meets the necessary compliance standards or how to ensure that they remain compliant while using cloud services. 
  • Data sovereignty: data is subject to the laws and governance structures of the country in which it is located. By storing data in the cloud, it might be stored in a different country with different laws regarding data privacy and security.  
  • Legacy systems: transitioning to the cloud can mean abandoning investments into legacy systems.

While these concerns are persistent, even after many cloud-native businesses have proven the agility and flexibility of operating in the cloud, they are unfounded.

For example, the cloud can mitigate the risk of cybercrime and prevent hackers from accessing and capitalising on sensitive data that can compromise employees, suppliers, customers, and businesses. Cloud migration can be a minimal initial investment that opens up more budgeting agility with fixed monthly subscription costs or pay-per-use consumption models.

The dependency on cloud up-time is also an unfounded fear, as most clouds have several redundancies built in, offering high levels of guaranteed uptime. Similarly, out-the-box services are built on best practice and actually help SMBs to follow tried and tested processes that support business growth rather than investing in expensive customisations that are difficult to scale.  

Finally, the cloud offers SMBs the ability to reduce costs associated with IT teams, deliver on-demand work environments, provide readily accessible data in real-time, and improve decision-making and the customer experience.

Simplified migrations to the cloud

Operating in the cloud can be both simple and intuitive; however, migrating to the cloud is often more complex than many SMBs expect. A DIY approach tends to feed into the concerns SMBs initially had, derailing digital transformation even further.  

The different types of clouds and services, each with their own advantages and disadvantages, can be overwhelming. Migration to the cloud requires a thorough assessment of the business’s infrastructure, careful planning, testing and retesting, scaling, and ongoing management.

Enlisting the support of experienced partners can alleviate the complexity associated with cloud migration and help SMBs identify the best cloud solution for their needs while providing guidance on using these solutions effectively. 


About the author

Josh McHugh-Cullen is the regional sales executive for ECI Software Solutions. ECI Software Solutions’ mission is to empower the entrepreneurial spirit, assisting small and medium-sized businesses to compete and grow by providing industry expertise and purpose-built solutions that make doing business easier.


Cybersecurity checklist for working remotely 

WHILE REMOTE WORK offers flexibility and new opportunities, it also presents cybersecurity challenges.

As more organisations adopt remote and hybrid working practices, there is an increase in access to sensitive data from various locations. This has caused targeted attacks to rise, often exploiting human emotions through tactics like phishing, pretexting, and baiting.  

TeamViewer Asia-Pacific president, Sojung Lee, said, “Social engineering attackers have used these tactics for a long time. These tactics work because they prey on human nature, manipulating it to gain unauthorised access to confidential information. 

“Unfortunately, attacks are becoming more personalised and targeted, making it essential for every team to recognise these dangers and be prepared to fight against them.” 

Cybersecurity checklist for remote working 

Ms Lee said very few people were information technology (IT) experts and many may not know where to start. However, following the advice of a cybersecurity checklist can help companies keep safe from cyber threats, even when employees are working remotely. 

Check 1 — Education and awareness:  

  • Recognise targeted attacks: regularly train staff to identify spear phishing, whaling, and other targeted attacks that exploit personal information. 
  • Avoid unknown devices and baiting:educate employees not to plug unfamiliar devices like USBs into their systems. Highlight the risks of baiting, where malicious devices are left for workers to find.
  • Implement protocols against pretexting: establish protocols and code words to minimise risks from pretexters impersonating legitimate access holders, such as vendors or technical support. 
  • Encourage caution with personal information: warn against sharing personal details that could be used in spear phishing campaigns. 
  • Promote continuous education: emphasise that ongoing learning is the cornerstone of cybersecurity, especially in remote settings. 

Check 2 — Implement protocols and leverage technology: 

  • Use multi-factor authentication (MFA): employ MFA for connections and accounts for added security. 
  • Restrict USB port usage: control access to USB ports or use alternatives that remove the need for physical devices. 
  • Implement secure access features: use methods that ensure connection without passwords for stronger validation. 
  • Leverage certificates: company-wide certificates, paired with trusted services that allow their implementation, provide easy and highly secure access. 

Check 3 — Promote password best practices:

  • Encourage unique passwords: advocate for different passwords across various sites and services. 
  • Recommend trusted password managers:promote the use of reliable tools for secure password storage. 
  • Cultivate good password hygiene:foster a culture that appreciates and practises secure password habits. 

“In a world where remote access is integral to business, organisations need to take full responsibility and implement a strict zero-trust policy, limiting access to critical resources and confidential information with designated role management and conditional access capabilities,” Ms Lee said.

“Together with an educated workforce organisations can build a resilient, multi-layered defence, mitigating the constant threat of security incidents. 

“Having a cybersecurity checklist is more than just a set of guidelines, it’s an essential part of business strategy in the remote working era,” she said.

“By adhering to these principles and leveraging the right technological solutions, organisations can maintain integrity and resilience against the constantly evolving cyber threats. 

“It’s essential to always err on the side of caution and recognise that social engineering preys on human nature itself. Understanding this is the key to preventing companies from becoming the next victim of these time-tested strategies.”


Australian businesses strengthen cybersecurity, rattled by major organisational breaches

AUSTRALIAN enterprise leaders are steadily recognising and unearthing growing threats, assessing risks and changing strategies to better detect and respond to attacks, according to a new ISG Provider Lens report

The recent series of damaging, high-profile data leaks in Australia has changed the way Australian organisations approach enterprise security and procure cybersecurity services, according to the new research published today by Information Services Group (ISG, Nasdaq: III), a global technology research and advisory firm with runs on the board in cybersecurity.

The 2023 ISG Provider Lens Cybersecurity Solutions and Services report for Australia has found the attacks revealed escalating threats and changed cybersecurity from solely an information technology (IT) issue to a closely monitored enterprise challenge.

“Australian companies recognise the business dangers of data leaks,” ISG Cybersecurity director for ANZ and Asia Pacific, Joyce Harkness said.

“Top management and boards are increasingly interested in cyber risk and the quantification of such risk, and are involved in decision-making about strategies, products and services.” 

The Australian Government has strengthened the country’s cybersecurity response by imposing the Notifiable Data Breaches (NDB) scheme, which requires organisations to report breaches, and working with the state of South Australia to establish the Australian Cyber Collaboration Centre, an incubator for new security solutions and initiatives.

More recently, the Federal Government unveiled the 2023-2030 Australian Cyber Security Strategy, aimed at making Australia one of the most cyber secure nations in the world by 2030. The government also appointed the Australia’s first cyber security coordinator and began operationalising the Security of Critical Infrastructure Act 2018.

Plugging security capability gaps

Recent attacks revealed that even large Australian enterprises had cyber capability gaps, the report said.

Most had invested heavily in cybersecurity controls but focused only on preventing breaches and assumed all sensitive data was in offices. In reality, the ‘attack surface’ has expanded with the rise of remote work, digital engagement, an expanding supply chain and the internet of things (IoT).

Mistakes inside organisations and among IT provider partners, such as employees falling prey to phishing attacks or making configuration errors, are thought to have played a major role in recent leaks in Australia and elsewhere.

ISG reported that, as a result, Australian enterprises had “begun to assess their risk tolerance, evaluate current controls and take an ‘assume breach’ approach, recognising that not all breaches can be prevented and focusing on rapid detection and response”.

As they migrate to the cloud over the next few years, many Australian companies are expected to invest in cloud-based solutions, such as extended detection and response (XDR), the report said.

The report deduced that companies with multiple cybersecurity tools, “which often generate false positives that require manual intervention” will also need greater automation and interoperability to relieve the pressure on security operations centres (SOCs). The role of artificial intelligence (AI) is expected to grow exponentially, often to secure IoT assets.

“We expect strong growth in the Australian security market over the next five years,” ISG Provider Lens Research partner and global leader, Jan Erik Aase said.

“Enterprises and providers will be investing heavily in both new technologies and essential skills.”

Australian business tries to get it right

The report also explored other cybersecurity trends in Australia, including the increasing adoption of zero-trust frameworks and next-generation identity and access management (IAM) to maintain high-level security while enabling improved customer experience.

The 2023 ISG Provider Lens Cybersecurity Solutions and Services report for Australia evaluates the capabilities of 82 providers across six quadrants: identity and access management (IAM), extended detection and response (XDR), security service edge (SSE), technical security services, strategic security services, and managed security services (SOC).

The report named IBM as a leader in four quadrants. It names Accenture, CyberCX, Deloitte, DXC Technology, Fujitsu, NTT DATA, Telstra, Tesserent, Verizon Business and Wipro as Leaders in three quadrants each. Microsoft is named as a Leader in two quadrants.

Bitdefender, Broadcom, Cato Networks, CGI, Cisco, CrowdStrike, CyberArk, EY, Forcepoint, HCLTech, Infosys, Kasada, KPMG, Netskope, Okta, Palo Alto Networks, Ping Identity, PwC, SailPoint, Tech Mahindra, Unisys, Versa Networks, VMware and Zscaler are named as leaders in one quadrant each.

In addition, Kyndryl is named as a ‘rising star’ — a company with a “promising portfolio” and “high future potential” by ISG’s definition — in two quadrants. BeyondTrust, HPE (Aruba), Macquarie Telecom Group and SentinelOne are named as rising stars in one quadrant each.

The 2023 ISG Provider Lens Cybersecurity Solutions and Services report for Australia is available through



Contact Us


PO Box 2144