FireEye Australia cautions organisations about public cloud access

The way Australian companies approach cybersecurity might not be so different to international counterparts from the outset but what sets them apart, according to FireEye Australia and New Zealand vice president Louis Tague, has been their appetite for public cloud.

Tague explained how like most other businesses, Australian organisations are often asking their IT team the same cybersecurity questions to validate the investments they have made in cybersecurity technology works.

"Am I protected? Are we protected against these known threats? Looking at what happened to this company over here, are we in the same position? I think that is across regions and across countries," he said, speaking to ZDNet.

"It was asked before and it's still being asked now … and I think these are really the questions most boards are still trying to answer."

In addition to these questions, Tague said Australian organisations need to also be thinking about security in the public cloud.

"[Australia] is further down that path of utilising public cloud than many other regions. It's interesting Australia has adopted those technologies much faster than anybody else. That brings with it enormous business advantages in terms of cost and management, but it does add an element of risk," he said.

See also: 70% of IT leaders say security concerns restrict adoption of public cloud (TechRepublic)

He acknowledges while public cloud infrastructure "in its own right is actually secure", the issue is more about how organisations are going about protecting the access to it.   

"Organisations are looking to say, 'Well if somebody is able to get into my public cloud, then I'm coming in through the backdoor through the infrastructure'," he said.

"[Attackers] are coming through the front door, through the corporation, through their credentials, and that's really where a lot of the security measures in place for large enterprise on-prem environments need to be extended out into their cloud environments. We're seeing a lot of that.

"The credentials, the logins into an enterprise cloud are the keys to the kingdom, and those are the things that need to be protected. You need to understand who is able to login and who is not, and look for any anomalies across that." 

He said these conversations about cybersecurity have naturally been further exacerbated by the recent coronavirus pandemic where many businesses have been forced to operate remotely.

"Nobody really thought they would have to put in a DR (disaster recovery) plan and then permanently manage to that," he said.

"There was an enormous push in those early weeks with people working from home of what was secure, what was not secure. We have definitely seen an increase in cyber activity; ransomware has really come up a significant amount."

Tague also took the opportunity to highlight that while cybersecurity is front of mind for many Australian organisations, the challenge for most is overcoming the skills shortage.

"There are just not enough people in the cyber space," he said.

"All of these organisations are building these cyber capabilities, but are all challenged to find people to run it. I think that's one of the challenges facing the ANZ market: The shortage of cyber professionals.

"I'm not talking about people who are one year out of universities, it's people with real-world experience … you need people to understand the technology you've got, you need people to configure it, you need people to understand the information, and if there's a breach you don't have all those people on standby in an organisation. That is the big challenge this country is going to face."

He partly believes it will take time to build up enough cyber skills in Australia, mainly because it's still such a new sector.

"The growth of the cyber professional demand is exponential at the moment -- it's going through the roof. The intake at university level is not where it should be. The jobs that's taking people through that learning curve takes a long time to train people up, and unfortunately, it's not something you can turn the tap on quickly. It's going to take some time."

Related Coverage

COVID-19 cyber espionage saw Chinese ministry targeted by Ocean Lotus: FireEye

Spear phishing campaign out of Vietnam went after information related to coronavirus, security firm says.

FireEye warns about the proliferation of ready-made ICS hacking tools

The growing number of hacking tools targeting industrial equipment is slowly becoming a problem

FireEye scoops up cloud security startup Cloudvisory

The acquisition is expected to expand FireEye Helix's cloud security capabilities.

FireEye acquires Verodin for identifying gaps in security

The acquisition is expected to accelerate billings and revenue growth, adding an estimated $20 million to FireEye's billings in 2019 and more than $70 million to billings in 2020.