Telstra announces two cybersecurity centres, new managed security service

Telstra has said it will 'democratise' its managed security service by building upon open source, with the telco to also launch two new cybersecurity centres during July.
Written by Corinne Reichert, Contributor

Telstra has announced that it will be launching a new suite of managed security services and two new cybersecurity centres in Melbourne and Sydney.

According to Neil Campbell, Telstra's director of Security Solutions, the offerings will be ready for customers by July 19, with the aim to make the cybersecurity challenge easier for organisations to deal with.

"We're taking this opportunity to rethink and reinvent really our product portfolio very much with that mindset of 'it's not enough to offer point solutions, it's not enough to focus on today's problem'," Campbell told ZDNet.

"We need to help our customers and help the community to improve its cybersecurity resilience, to be more ready for attacks, more resilient against them, and therefore be more profitable, have more confidence in using the internet, and that confidence and reduction in interruption will play right across the entire spectrum through consumer and small business to enterprise, and should ultimately result in better gross domestic product outcome."

Telstra said its new managed security services depart from traditional approaches, which Campbell labelled as being "slow and cumbersome and reactive".

"Our new managed security services technology platform is built on open source, in part so that we can democratise that kind of SIM layer -- security, information, management layer -- we're trying to make technology more available to a broader part of the market at a more cost-effective rate so that we can help to raise that base level of security, not just in enterprise but pushing down into the mid-market, who wouldn't previously have been able to afford services like this," Campbell said.

"The first set of offerings will be what you think of as traditional managed security services -- managed firewall, managed intrusion prevention -- and it will be that full stack ... it will give us the ability to manage the vast majority of security infrastructure that a customer needs to operate.

"Using an open-source platform in a very much more cost-effective way giving the customer the kind of transparency they need, but also using technologies like big data to prepare ourselves on behalf of our customers for the kind of massive event flows that we will see as we see a greater uptake of Internet of Things connecting to their network."

Telstra made its announcements off the back of the release of its annual cybersecurity report, which revealed that the rate of "business-interrupting" cyber attacks have doubled in the past year in the Asia-Pacific region.

Telstra's Cyber Security Report 2017, released on Wednesday, showed that 59 percent of organisations in both Australia and the wider Asia-Pacific region surveyed reported one security breach at minimum on a monthly basis during 2016.

Campbell said the results being mirrored in APAC show that it is not merely an Australian problem.

"This is very much an industry challenge," Campbell told ZDNet.

Of the respondents to Telstra's report survey, 42.2 percent were from Australia; 16.7 percent from India; 14.4 percent from Singapore; 13.6 percent from Indonesia and the Philippines; and 13.1 percent from Hong Kong.

Distributed denial-of-service (DDoS) attacks have also grown significantly over the year, with Telstra's report citing Imperva experiencing 100 percent growth of network- and application-layer attacks and Akamai reporting a 71 percent increase in total global DDoS attacks.

According to the report, ransomware was the most downloaded malware in the Asia-Pacific region during the year, with around 60 percent of Australian businesses experiencing at least one incident in the 12-month period.

Of those that experienced a ransomware incident, 42 percent paid the ransom. However, nearly 33 percent of organisations facing a ransomware demand never recovered their files, despite paying up.

(Image: Screenshot by Corinne Reichert/ZDNet)

Telstra reported the top ransomware botnet in the region as being Locky, which carried out 74 percent of all attacks, followed by CryptoWall, at 14 percent; Cerber, at 11 percent; TorrentLocker, at 0.5 percent, CryptXXX and TeslaCrypt, both at 0.04 percent; VirLock, at 0.03 percent; and Cerberus, at 0.00005 percent of all ransomware demands.

"Obviously, ransomware is big business now, a big focus for cybercriminals," Campbell said, adding that businesses can avoid getting themselves in a situation where they are susceptible to ransomware demands.

"The absolute most important thing is backup, backup, backup, and then backup again. And make sure that your backup strategy runs frequently enough and has enough layers in it that it is a combination of on-premises and off-premises storage," he said.

According to Campbell, SMBs do not back up their files as diligently as larger organisations, with ransomware attackers relying on the "sweet spot" in the market where information is business-critical, but where businesses are far less likely to have a strong backup regime.

Businesses also need to implement a better security system to begin with, Campbell said.

"Backup is -- you're kind of treating a symptom. You also need to take on the cause, which is the malware arriving on your network in the first place," he explained.

"So a better approach to end-point security, a better approach to perimeter security, will always stand you in good stead. You don't apply security in single, thin layers; you apply security in depth."

Telstra's new cybersecurity offerings will also enable organisations to battle the ransomware problem, Campbell said.

"When you think about managed security services, that service will enable organisations to more rapidly detect attacks, both attempts and successful, and be in a better position to respond to those attacks and eradicate the cause of the attack before any significant damage is done."

Telstra's new offerings were partly inspired by the Australian government's own cybersecurity initiatives -- beginning with its cybersecurity strategy launched in April last year -- according to Campbell.

"I'm really heartened by how the government has been driving cybersecurity in Australia," he said.

"I think it's fair to say that that in part has been an inspiration, certainly an input to our strategy. I think the government has it right in that this is a societal issue: You can't address cybercrime by going to each individual affected party and trying to fix the symptom of cybercrime one by one. You have to take a far more systemic or national ... approach to it."

Campbell hailed the government for backing up its policy with action by opening its first Joint Cyber Security Centre in Brisbane last month. The government also opened its Cyber Security Growth Centre opened in December and announced AU$1.9 million in funding for universities to deliver specialised cybersecurity training and become Academic Centres of Cyber Security.

Telstra is also satisfied with the "massive increase" in the level of involvement now being seen from C-level executives across Australia, Campbell said, which shows that companies are focused on driving progress.

"Cybersecurity within an organisation has to be a top-down focus," he said.

"We need to see executives recognising the importance, incorporating cybersecurity into their risk-management programs and then driving improvement through the organisation, and tracking it as rigorously as they would any other significant risk."

While Telstra is backing the effectiveness of its new system, Campbell said it is imperative that businesses accept that some cyber attacks will be successful; otherwise, they won't be prepared for when an attack does succeed.

"An attack will be successful," he said.

"The whole industry needs to get over that."

Editorial standards