Cyber attackers have long had an advantage over IT organisations. With virtually unlimited resources at their disposal, attackers have only to find one weak link to gain access to corporate resources. IT organisations, on the other hand, have to secure and protect the entire IT environment. A security skills shortage makes this even more challenging.
According to the Federal Government, the demand for cyber security skills will grow by more than 20% – that’s 9,100 jobs – over the next five years. The problem is, there’s already a shortage. Veteran security professionals are in high demand, and recent university graduates do not have the practical experience required to reduce risk in a complex and growing IT environment.
As more and more personal and sensitive data goes online, the attack surface grows. Computer systems are attacked on a daily basis, with large security breaches like the recent attack on Ashley Madison making news headlines on a semi-regular basis. The business impact is significant: loss of customers, loss of investor trust and regulatory compliance fines, just to start.
Protecting the IT environment is no easy matter. Gone are the days of relying primarily upon signature updates. Cyber attacks have grown increasingly complex over recent years as attackers evolve their tactics to evade preventive controls. Often months pass before these attacks are discovered by IT. In the meantime, attackers exfiltrate data and sell it on the black market. The longer it takes for an attack to be detected, the greater the company’s losses.
Australia’s Role in Filling the Skills Gap
None of this bodes well for companies, especially those that lack the skillsets to build up a security strategy. However, it does present an opportunity for Australia to become the Asia Pacific hub in the fight against cyber crime. Given the country’s stable economy and information and communications technology (ICT), Australia is best positioned to address the region’s security skills gap. What’s more, Australia can become an exporter of cyber security capability.
Recognising this opportunity, companies are making efforts to shore up Australia’s security capability. Companies like Commonwealth Bank are working with the Federal Government and universities to attract more students to Science, Technology, Engineering and Math (STEM) subjects, and provide the practical experience required to enter the workforce.
Other companies are forming strategic partnerships to help Asia Pacific businesses address their security skills gap and improve their security posture. At Dragonfly, we are building an Asia Pacific alliance to bring the best security services together with Australia as its base. To that end, we recently announced a partnership with Singapore-based NSHC. A trusted leader in cyber-security defenses, NSHC holds top five positions in several worldwide hacking contests and has been invited as a distinguished speaker at international security conferences.
Dragonfly’s collaboration with NSHC spans several countries, including Australia, Singapore, South Korea and Japan, and provides a single channel in the fight against cyber crime for the local Australian market.
Through the partnership, Dragonfly and NSHC provide cyber security services in the areas of PCI DSS compliance, threat intelligence, penetration testing and application security services, training and awareness for law enforcement agencies, and security research. Together, we provide access to the sophisticated skillsets and experience companies need to protect, detect and respond to advanced zero-day threats and vulnerabilities. We encourage other security providers to consider doing the same.
The Time is Now
A study published by International Data Corp (IDC) and the National University of Singapore (NUS) in March 2014 revealed that businesses worldwide would spend nearly US$500 billion in 2014 to deal with the problems caused by malware on pirated software. The figure for enterprises in Asia Pacific amounted to almost US$230 billion.
Clearly, the need for security services is significant. In the absence of skilled employees, Asia Pacific businesses need trusted partners to provide those capabilities. At Dragonfly, we are proud to serve as one of those trusted partners, and we hope other technology providers seize this opportunity as well.