Australia needs an “iron dome” to protect SMEs from cyber threats

Microsoft_cybersecurity ransomware Iron Dome

Source: Unsplash/Clint Patterson

Viruses, whether digital or biological, come in all shapes and sizes. But the best defense against them comes from a united and persistent response.

Take Australia’s COVID-19 Response. Nationwide, the JobKeeper program has pledged $90 billion to up to 3.5 million Australians, receiving a peak of $1,500 every two weeks. But the state governments also filled the gap. In February, Tasmania pledged $160 million in COVID-19 support to its struggling businesses, with grants ranging from $1,000 to $10,000.

In December, South Australia gave its businesses $40 million, with up to $20,000-$22,000 pledged to companies in the hardest-hit tourism, gym/fitness and hospitality sectors. Even the areas got relief, with payroll tax exemptions for all businesses that saw a 40% drop in sales, as well as $3,000 one-time grants for employing businesses and a 30% reduction on their regulated utility bills. This continued support from both the federal and state governments has made all the difference during such unpredictable times.

As Australia continues to effectively manage COVID-19, it should also acknowledge another ongoing issue threatening the well-being of our small and medium-sized enterprises (SMEs), the backbone of our economy. 96% of our companies have fewer than 200 employees.

These companies are largely unprepared and under-resourced for today’s sophisticated cyber threat, state actors and well-organized criminal gangs. This problem comes in the form of crippling ransomware, credential stealing, targeted system hacks, and cyber espionage. In 2017, Petya, a ransomware attack, destroyed Ukraine’s power grid, airport and many banks.

Also Read :  Embattled SoulCycle opens up to ClassPass subscribers in bid to drum up new members

In fact, since Russia’s annexation of the Crimean Peninsula in 2014, Ukraine has faced constant cyber threats, including two power outages that ravaged its capital, Kyiv, in a matter of months in 2015-16.

The need has shown Ukraine and others that to protect their citizens and their economy, they need the cyber equivalent of the Iron Dome, the Israeli defense system that shields the mainland from rocket fire.

In fact, Israel’s National Cyber ​​Directorate is beginning to create and mandate cyber security standards for its telecom companies, creating what they describe as “a sort of ‘iron dome’ against cyber security attacks,” says Communications Secretary Yoaz Hendel. As our latest threat report has shown, with more than 400 new threats every minute, standards that unite all actors on the attack surface are crucial.

But while high-level defenses are essential for utilities and governments, Australia must consider an “iron dome” for SMEs that recognize it is unfair to expect such companies to be able to adequately protect themselves without government support. This type of cyber “iron dome” should encompass a multi-layered approach to cybersecurity that includes cutting-edge threat prevention, detection, and response technologies in conjunction with elite security analysts and threat hunters.

Also Read :  Resolution to Support Parents, Schools, and District in Rejecting Harmful, Coercive, and Burdensome Gender Identity Policies and Protect School Lunch Programs and Federal Funding Subject to Title IX

This is a matter of both national and economic security. SMEs need to maintain their own defenses to avoid becoming the weakest link in the chain. In 2021, a report by the Australian Institute of Criminology estimated the economic impact on Australia at $3.5 billion. The vast majority of the $1.9 billion in costs were borne by Australian citizens, whether they were targeted or otherwise implicated in massive data breaches. And while the proportion of companies reporting major security breaches had dwindled to 8% before COVID, the subsequent shift to remote working has shifted the game towards poorly secured home IT environments where multiple family members may be using the same computer. and sensitive data can be accessed outside of managed devices, such as B. private phones can be accessed.

This means creating a COVID-style support system for underserved businesses making their way out of the pandemic into brand new hybrid work realities. Again, they should not be expected to do this alone. The head of the Australian Strategic Policy Institute’s International Cyber ​​Policy Centre, Fergus Hanson, has recommended creating tax incentives for larger companies trying to implement cybersecurity standards, rather than paying onerous fines. Managed Detection and Response (MDR) and Extended Detection and Response (XDR) are critical components, as is support for Managed Security Service Providers (MSSPs), who can augment organizations’ internal resources with the kind of capabilities that are typically outside of the company would be available. Range.

Also Read :  Jessica Ennis-Hill on the power of the pivot — in sports and in startups

A cyber “iron dome” that doesn’t specifically aim to bolster MSPs’ resources will fall short given our cybersecurity challenge. We think these incentives should be extended to most organizations as well, whether to help them extend endpoint protection to their hybrid workforce (or the nation’s freelancers, another often-ignored segment of the attack surface), or to cover cyber insurance premium payments in the event of a data breach. Because in the world of cybersecurity, the question isn’t if a security breach will happen, it’s when.

Before his defeat, Scott Morrison announced a $9 billion cybersecurity and intelligence package to defend the nation. It would be good if the new Labor government extended this protection to the country’s small businesses, which have contributed 32% to the country’s GDP. Much has already been done to protect them from the worst effects of COVID. The Iron Dome we are now building around our own digital infrastructure should also extend fully and equally to them.

Greg Ryan is Bitdefender’s Country Manager A/NZ

Source link