Digital Business

Industry and government to step up ‘cloud’ cyber security

THE AUSTRALIAN Cyber Security Centre (ACSC) and the Digital Transformation Agency (DTA) have released new Cloud Security Guidance to support the secure adoption of cloud services across government and industry. The guidance clarifies controls over data imposed by jurisdictions in which the data servers are based.

Federal Defence Minister, Senator Linda Reynolds CSC said the new guidance, which has been co-designed with industry partners, would boost Australia’s cyber security resilience. 

“The release of the new guidance coincides with today’s cessation of the Certified Cloud Services List (CCSL) which will open up the Australian cloud market, allowing more home grown Australian providers to operate and deliver their services,” Senator Reynolds said.

“This will provide opportunities for Commonwealth, State and Territory agencies to tap into a greater range of secure and cost-effective cloud services.”

Government Services Minister, Stuart Robert said the ACSC and DTA worked closely with industry to develop the new guidelines.

“Having been co-designed with industry, this will help and guide organisations to assess the suitability of a range of secure and cost effective cloud service providers to securely handle their data and ultimately boost Australia’s cyber security resilience,” Mr Robert said.

In addition, the ministers said the ACSC would grow and enhance the Information Security Registered Assessors Program (IRAP) to further support government and industry in implementing appropriate cloud security measures and increase their cyber security resilience.

Macquarie Government, part of the Macquarie Telecom Group, has welcomed the new guidelines.

Macquarie Government managing director Aidan Tudehope believes the guide highlights the importance of the legal authority that can be asserted over data based on its jurisdiction – with data hosted in global cloud environments at higher risk as it could be subject to multiple overlapping or concurrent jurisdictions, while in the hands of personnel outside of Australia.

“While we remain disappointed by the decision to discontinue the CCSL certification regime, we welcome the ACSC’s new guide for government departments to assess the security and risks of cloud service providers,” Mr Tudehope said. 

“This is about more than simply the physical geographic location where data is stored. Data sovereignty is about the legal authority that can be asserted over data because it resides in a particular jurisdiction, or is controlled by a cloud service provider over which another jurisdiction extends.

“Data hosted in globalised cloud environments may be subject to multiple overlapping or concurrent jurisdictions as the debate about the reach of the US CLOUD Act demonstrates. As the ACSC points out, globalised clouds are also maintained by personnel from outside Australia, adding another layer of risk.

“The only way to guarantee Australian sovereignty is ensuring data is hosted in an Australian cloud, in an accredited Australian data centre, and is accessible only by Australian-based staff with appropriate government security clearances,” Mr Tudehope said.

“Taken alongside Minister Robert’s planned sovereign data policy, this guide opens new opportunities for Australian cloud service providers.”

www.cyber.gov.au/acsc/government/cloud-security-guidance 

ends

Aussie SMEs must urgently smarten up cyber security

By Peter Maynard >>

HUNDREDS of thousands of Australian small and medium enterprises (SMEs) are at serious risk from cyber-attack, not only to themselves but also to others they deal with.

SMEs are increasingly becoming the target of choice for ‘bad actors’ and nation states looking for easy entry points to attack governments, critical infrastructure and larger enterprise – and this why.

Bad actors aggressively target SMEs because of their low cyber security posture and the valuable supply chain partner access and information they hold. It is much easier to steal sensitive data from a small business defence subcontractor than it is from the heavily fortified Defence department.

Or to elicit one employee’s username and password to gain system access than it is to ‘hack’ their way through a heavily fortified technical defence.

If there’s one thing we know about cyber criminals is that they are opportunistic and will look for the path of least resistance to achieve their objectives. Whether that’s deleting company data or holding it to ransom, shutting down a power grid, or stealing sensitive defence secrets, they’ll do it the easiest way they can, and this means targeting the weakest and most vulnerable. 

PANDEMIC SECURITY

COVID-19 has made rapid digital transformation a reality for almost any business trying to stay afloat. Irrespective of the organisation’s size or where they are in the world, it’s been: get online and do it fast!

But this rapid increase in reliance on technology is coming with an equally rapid escalation in cyber risk that’s leaving SMEs more exposed than ever.

The Prime Minister’s dramatic increase in support of cyber security has been warmly welcomed by most in the industry. Any cyber security program, whether Federal Government or small business, must be led from the top and there has been a gaping hole in Australia’s cyber leadership since Alastair MacGibbon (Australia’s former cyber security chief) exited 12 months ago.

With the heightened sense of urgency and authority, it would appear that Australia might be back on track with getting on top of cyber. But despite this resurgence in the importance and significance of defending against a heightened increase in cyber-attacks, are all organisations receiving the attention and support they need or are we fast developing a cyber ‘underclass’ in this country?

CYBER SECURITY UNDER-CLASS

Helping SMEs improve cyber resilience has always been a tough job. The Federal Government’s approach to date has focused on access to high level, self-help awareness resources like the Stay Safe Online program and Australian Cyber Security Centre’s (ACSC) Small Business Cyber Guidance.

And then there was the small business cyber security grant that really failed to hit the mark. But it’s not all doom and gloom. The Australian Cyber Security Growth Network (AustCyber) has been doing some great work supporting both SMEs directly and the innovative Australian companies that are building the solutions that will solve some of these problems.

Sadly though, this is where Australia’s cyber security strategy appears to lack the broader vision or the will and is running off the tracks. This is an area where we have seen little to no progression from the government over the past 4 years and the fear is that it may miss the boat once again in Australia’s upcoming 2020 Cyber Security Strategy.

We did learn something from the failed small business cyber security grant though. It further validated that small business isn’t going to get engaged on cyber without a stick or at least a much tastier carrot. So what’s the solution?

US TAKES APRA-LIKE APPROACH

The United States Department of Defense’s Cyber Maturity Model Certification (CMMC) program is set to commence in August this year and will require all Defense suppliers to assess their cyber risk posture and adhere to a set of standards.

It is just like the Australian Prudential Regulator (APRA) has done with financial entities and the third, fourth and fifth party suppliers that they use.

Governments at all levels can play a massive role when it comes to driving SMEs to engage on cyber security – and procurement is going to be the key.

Access to government work is somewhat of a holy grail for SMEs and they’ll do pretty much anything to get it and to keep it. If SMEs won’t engage voluntarily on making their businesses more cyber resilient then it’s time for the government to step in.

As the Australian Government finalises its 2020 Cyber Security Strategy it’s critical that we stop focusing on making the strong even stronger and broaden our approach and our thinking.

The return on investment from procurement driven cyber engagement programs targeted at SMEs would provide an uplift to national cyber resilience that would be unprecedented.

The most important point here is to start. It doesn’t have to be perfect. Just get something underway.

We may not have another four years to put this into the ‘too hard’ basket.

https://cybermetrix.com.au

 

Peter Maynard is founder and managing director of Australian cyber security firm CyberMetrix. 

Cloudian helps business tackle big data management storm

SPECIALIST BUSINESS mass data storage and management company, Cloudian, has officially launched its operations in Australia and New Zealand.

Cloudian, founded in 2011 by CEO Michael Tso, who attended high school in Melbourne, has become the world’s most widely deployed ‘independent object storage provider’ – a term used to describe Cloudian’s management, protection and leverage of massive data sets without sacrificing ease-of-access.

Cloudian’s award-winning HyperStore solution allows businesses to manage mass data without having to capitalise, exceed budget limitations, or run afoul of data sovereignty requirements.

Cloudian has a strong network of partnerships with some of the world’s largest cloud and technology companies, including Cisco, HPE, Lenovo, Rubrik, Veeam and VMware.

Led locally by Australian industry veterans James Wright and Jason Mantell – both with prior experience at Nutanix and Pure Storage – the company believes it is well positioned to capitalise on Australia and New Zealand’s heightened reliance on data. 

“Around 80 percent of the data created by organisations today is unstructured, primarily images, video and voice data,” Cloudian regional director for Australia and New Zealand, James Wright said. 

“But A/NZ enterprises and governments are struggling to store this data, protect it and analyse it, particularly given the limitations of traditional storage systems.

“Cloudian addresses this challenge, providing a limitlessly scalable, highly cost-effective and secure means to store and create real value from increasingly large data sets. We also deliver seamless integration and data movement across on-premises/private cloud and public cloud environments,” he said.

“With data playing an ever more central role in A/NZ and increased concern about public cloud data being stored outside national borders, there is a great opportunity to expand the company here.”

Cloudian aims to bolster its local team and partner network in the region and has already signed distribution agreements with Exclusive Networks and NextGen. The company has also begun working with managed service providers (MSPs) with expertise in the government, financial and other sectors across Australia and New Zealand.

CLOUD ‘REPATRIATION’

Mr Wright said Cloudian saw a significant opportunity in the increasing number of organisations rethinking public cloud storage due to unexpected costs, concerns about data security and control – including data sovereignty – and highly variable performance.

He said a leading industry analyst firm recently reported that 85 percent of IT managers surveyed said they were  moving some portion of their workloads back from public clouds, a process known as ‘repatriation’. 

He said Cloudian offered guaranteed compatibility with the S3 API, the widely adopted protocol of public cloud storage. This allows the full ecosystem of S3-compatible applications to employ Cloudian storage systems on-premises or as part of an in-country service provider’s offerings, which also preserves data sovereignty.

“A/NZ businesses are becoming more aware of the drawbacks of storing large volumes of data in the public cloud, but they want that same user experience,” Mr Wright said. 

“Because of our fully native S3 compatibility, we can provide the scale, flexibility and ease-of-use of the public cloud within a customer’s own data centre at up to one-third the cost.”

INCREASING RANSOMWARE THREATS

Ransomware attacks have become a rapidly growing global threat, and this region far from immune.

Mr Wright said research last month showed that such attacks had increased by 10 percent in Australia during COVID-19, while New Zealand has been named among the most vulnerable countries susceptible to a cyber-attack.

With a feature called Object Lock that prevents hackers from encrypting data, Cloudian can help Australian and New Zealand organisations to protect against this threat.

“We know that ransomware attacks often come more than once, as cyber criminals both identify the vulnerability and know the company is willing to pay to unlock their data,” Wright said.

“Object Lock creates an immutable copy of backup data, ensuring a clean copy for reliable recovery so businesses are covered when security measures fail.”

www.cloudian.com

ends

Digitisation a key driver of small business success - NBN research

THE Australian Small Business and Family Enterprise Ombudsman Kate Carnell said new research from the NBN proves "once and for all" that digitisation is a key driver of success in small businesses.

A survey of more than 1000 Australians conducted on behalf of NBN Co, has revealed close to half (49%) of respondents had increased their online shopping during the pandemic shutdown period and 70 percent were consciously supporting local businesses online.

But more than two thirds of respondents said even though they would like to support more local businesses, they were restricted by the limited digital presence of those businesses. 

“COVID-19 has delivered a harsh lesson that small businesses can’t rely on outdated business models and brick-and-mortar stores anymore,” Ms Carnell said.

“Digitisation is now essential for a small business to be truly competitive.

“PwC modelling estimates small businesses could unlock more than $49 billion of private sector output over a decade by adopting better use of mobile and internet technologies. More than half of this benefit could be realised in rural and regional Australia.

“The recent Buy from the Bush campaign is an excellent example – in just four months the 275 regional businesses profiled saw an average revenue increase of 300 percent. The campaign delivered $5 million to those featured small businesses – all of which had an online presence," Ms Carnell said.

“Equally, new research for the Shop Small campaign, revealed about a third of shoppers surveyed feel comfortable with returning to shops even though COVID restrictions are easing. It’s clear as we enter this new normal and live with this virus, having an online presence is critical for small businesses.

“We’ve found the most common roadblock to digital adoption has been not knowing where to start and fear of technology.

“There are a number of online workshops that offer good tips to small businesses. In particular, my office has supported the free Grow with Google sessions that cover everything from managing your business remotely to helping your business stand out online.

“We are also backing Kochie’s Business Builders’ Small Business First campaign, offering small businesses a free online directory listing, learning hub and community forum as they work to get back on their feet in these challenging times.”

www.asbfeo.gov.au

ends

Forbes-Vertiv data centre survey finds 71% of customers not having all needs met

JUST 29 percent of data centre user decision-makers say their current facilities are meeting their needs, and just 6 percent say their data centres are updated ahead of their needs.

These are among the findings included in a new report from Forbes Insights and Vertiv.

The Modern Data Centre: How IT is Adapting to New Technologies and Hyperconnectivity examines the results of a survey of 150 data centre executives and engineers from various industries around the world. 

The survey results indicate a troubling lack of planning and preparation for today’s evolving data ecosystem. A closer examination of the results reveals a stark contrast between executives and engineers: 11 percent of executives say their data centers are updated ahead of current needs while just 1 percent of engineers say the same.

“As today’s data centre evolves to incorporate enterprise, cloud and edge resources, thorough planning and foresight is needed to meet organisational computing requirements and business objectives,” Vertiv Global Edge Systems vice president, Martin Olsen said.

“It is clear, however, that many organisations are lagging on that front. With that in mind, we anticipate considerable investment and activity among businesses trying to catch up and get ahead of the changes.”

Tony Gaunt, senior director for cloud, hyperscale and colocation at Vertiv in Asia and India said, "In Asia, we are seeing growing interest and attention among organisations in future-proofing their critical infrastructure to adapt to the expanding connectivity and network requirements.

"But there is much work that still needs to be done. There is a need to re-examine existing strategies and continuously improve upon them to achieve business success."

Other notable results from the survey included: 

  • 92 percent of CIOs and CTOs say their business will require faster download and response times in the near future.
  • 63 percent say they have difficulty meeting bandwidth needs at all times.
  • Security (45%) and bandwidth (43%) are the two areas most in need of upgrades.
  • Security (43%), backup and emergency preparedness (33%), the ability to implement new technologies (28%) and bandwidth (27%) were the most commonly identified features that will give businesses a competitive advantage.
  • Respondents are bullish on self-configuring and self-healing data centers. 24% said more than half of their data centers will be self-configuring by 2025, and 32% said more than half would be self-healing.

www.vertiv.com

ends

The post-coronavirus future: live streaming from QODE Brisbane conference

WORLD-RENOWNED global futurist, Roey Tzezana, will today speak at QODE, a Brisbane-based virtual  conference broadcast on YouTube, discussing the impact of coronavirus on the world.

Dr Tzezana is a futurist and foresight expert who lives in the United States. He uses data to predict global events and has appeared on radio and television networks around the world discussing the future of technology and society.

Dr Tzezana will be conducting a keynote presentation at the virtual QODE Brisbane conference titled Global Impact of Coronavirus which will be streamed live on YouTube. 

With physical gatherings now banned in Australia, the organisers behind a Brisbane technology conference partnered with YouTube to stream the conference live, and in what’s believed to be an Australian-first, attendees will be able to visit exhibitor booths using virtual reality.

With more than 4000 people having been expected to attend the conference yesterday and today, QODE Brisbane was quick to team up with the world’s best-known video site, taking the event to the global stage.

QODE’s focus is the future of technology, and chief QODE officer Jackie Taranto said they’ve also teamed up with a Brisbane VR company, Visitor Vision, to offer a new way for people to view the conference exhibits.

“One of the key reasons people attend conferences is to visit the exhibitor booths to gain further insight into the products and information available, and for those exhibiting, it’s a really important way to access that market,” Ms Taranto said.

“We wanted to ensure attendees could still have that experience, and now they can. Using virtual reality, they can walk through the exhibitor booths as though they’re at the convention centre and can even jump on a call to chat with the exhibitor as they would face-to-face.”

As a result of the program being online, the exhibitor can access information about who has visited the booth, the company they’re from and if they’re interested in chatting further, which is often more information than they might be able to gain about a potential customer in a traditional expo setting.

Queensland Innovation Minister Kate Jones said moving the event online was in the best interests of all Queenslanders.

“No one can think outside the box quite like an entrepreneur or a small business person,” Ms Jones said. “The organisers of QODE have been clear – the show must go on. Or in this case, go online. In the true spirit of this event, rather than cancelling the festival, they’re taking the entire program online.

“This festival is about showcasing our best and brightest to the world. What better way to achieve that, than by sending the world a message – we have the resilience and the brains to keep this show on the road.”

Brisbane Lord Mayor Adrian Schrinner said it was fitting that a technology-based solution would see QODE Brisbane proceed.

“These extraordinary circumstances call for innovative solutions and what better way to ensure this important global event goes ahead than by embracing the latest technology,” Cr Schrinner said.

“While it is unfortunate that thousands of world-leading experts and delegates will not experience our great city at this time, I am pleased that Brisbane will still facilitate discussions on the technology trends and issues shaping the way we live and work.”

Speakers from the US and Israel are among those taking part in the virtual event, while some local speakers include Nine CEO Hugh Marks and Queensland Chief Scientist Paul Bertsch. QODE is supported by the Queensland Government through Tourism and Events Queensland and the City of Brisbane. All those who originally purchased a ticket to attend the event in person will be refunded.

The live-stream YouTube link is here.

www.qodebrisbane.com

ends

Leaders should deep dive into their own business data sets

By Leon Gettler >>

EUGENE Dubossarsky, head of the Analytics Academy and the chief data scientist at AlphaZetta believes the big challenge for companies was knowing how to manage their data.

He said data was very important for some businesses – and critical for some that don’t even realise it. Data should be used to help companies make the best possible decisions, Mr Dubossarsky said.

The greatest challenge for business owners and executives is data literacy. 

“I don’t think I need to convince anyone that anyone adding any economic value as a professional today is massively computer literate,” Mr Dubossarsky told Talking Business. “They would have been considered a total computer nerd 30 years ago.

“This is everyone from the age of eight onwards and everyone from an entry level graduate to a CEO in a large organisation.

“Something that hasn’t happened yet, but is in the way of coming, is the advent of data literacy where, in order to be economically useful and economically productive as a professional, people are going to need to know how to turn data into decisions, how to infer insights from data, how to be curious with data, how to self-served with data, in ways they currently aren’t now.”

DATA LITERACY ADDS VITAL VALUE

Mr Dubossarsky said a lot of productivity and value is being held back by the lack of data literacy on the part of most professionals, including most leaders today.

He said the way leaders can develop data literacy is to engage with data for the purposes of making decisions. Data analytics, he said, helps them make good decisions.

Mr Dubossarsky said managers needed to look at data in an interactive and curious way, identify opportunities and threats and turn those into business actions.

He is critical of companies resorting to hiring data scientists and avoiding doing the work themselves.

“Is hiring a bunch of very competent people in a particular field the right first step when you don’t know how to tell if they’re good or not, when you don’t know how to assess their work, when you don’t know what to do with their work?” Mr Dubossarsky asked.

“The sort of people who couldn’t tell a good data scientist from a bad one without a certificate, are they the sort of people who would know what to do with a good data scientist if they had one?”

HOLD OFF ON DATA SCIENTISTS

Mr Dubossarsky said hiring data scientists should not be the first step. What executives should do, instead, is engage with the data themselves and learn – then bring in expertise on an ad hoc basis.

“People who want to get into data analytics in a serious way need to spend a lot of time exploring and very honestly saying ‘I don’t even know where to start’ and very honestly accepting the fact that they will hit a lot of dead ends,” Mr Dubossarsky said.

“People need to be able to engage directly with this task of making better decisions and learning and growing towards it.”

He said one of the best historical examples of this was Winston Churchill.

“My favourite data enabled manager was Winston Churchill in World War Two,” he said. “One of the first things he did in his underground bunker office was to put another office right next to his, where his statistical unit was.

“Their job was to provide him with graphs of fighter plane production, ship production, ships sunk, troops lost, all the things he needed to run the war, because the stakes were high.

“He knew he had to make good decisions and good decision support was one of the first things he required.

“That bit of analytics, done with paper and pencil and stuck on walls, was way more effective than a lot of stuff being done with cloud technology these days.”

www.alphazetta.ai

www.leongettler.com

 Hear the complete interview and catch up with other topical business news on Leon Gettler’s Talking Business podcast, released every Friday at www.acast.com/talkingbusiness.

ends

More Articles ...

Contact Us

 

PO Box 2144
MANSFIELD QLD 4122