Cyber Security Trends to Watch in Australia in 2024

We Keep you Connected

Cyber Security Trends to Watch in Australia in 2024

Cyber Security Trends to Watch in Australia in 2024
Your email has been sent
Ransomware attacks on infrastructure and mid-market businesses are tipped to rise, while the use of AI cyber tools will grow as IT customers seek more signal and less noise from vendors.
The year 2023 was a big year for cyber security professionals in Australia. While IT teams continued to deal with the fallout of some big Australian data breaches, the new 2023-2030 Australian Cyber Security Strategy was released to boost defences against future threats.
Experts from Rapid7 have argued that Australia can expect both advantages and risks from AI cyber tools in 2024. Meanwhile, ransomware attacks will continue as threat actors seek rewards from holding critical infrastructure hostage and exploit defence weaknesses in the mid-market.
Jump to:
The Australian market is a global top-10 destination for ransomware attacks, and the trend will continue next year. Rapid7 VP of Global Government Affairs and Public Policy Sabeen Malik said Australia’s cyber strategy showed the realisation many would be affected.
“The idea of the no-liability framework (for ransomware reporting) is a recognition that, at some level and at some scale, this is going to be more ubiquitous than just critical infrastructure; everybody, at some point, is going to possibly have to deal with this issue,” said Malik.
Organisations should be stepping back now and asking what their policy and program is for ransomware, Malik said. This would include things like what disclosure will mean and whether they will pay a ransom, so they are not waiting until it happens, and it is too late.
PREMIUM: Use this security incident response plan.
The use of AI and automation will accelerate in cyber security in 2024. With AI and automation tools becoming more advanced in 2023, a lot of detection and remediation or prevention work can now occur automatically before vulnerabilities are exploited.
Rapid7’s Malik said this will help with the cyber security skills shortage because some of the functions usually done by analysts can now be automated using advanced technology.
“Another benefit is context. One of our industry challenges has been that, when it is working effectively, it can provide alerts in the tens of thousands if not hundreds of thousands a day. AI can provide more context, so analysts can do higher value work,” Malik said.
Enterprises using AI to enhance security have also been warned to proceed with caution. Rapid7 said some AI capabilities will “miss the mark” because a solution has been “rushed to market,” diminishing efficacy and, at times, increasing risk due to using AI solutions.
“In the AI use case, even as an assistant, all models are not the same,” Malik said.
With problems including hallucinations and variables such as whether a model uses open source or in-house data, Rapid7 recommends looking at each cyber security tool that uses AI on its own merits to assess the benefits and risks of using it for the organisation.
Disruptive ransomware attacks on critical infrastructure are likely to increase, in addition to attacks seeking to exploit personally identifiable information. Rapid7’s VP of Asia-Pacific and Japan, Rob Dooley, argues criminals will want to target greater rewards from the disruption.
SEE: Australia’s cyber shields strategy aims to protect critical infrastructure.
“For organised threat groups it is all about how to extract financial benefit,” said Dooley. “If you compromise personal and identifiable information, there’s the potential for identity theft. And those are significant issues, but they are kind of a long-term game for some of those organisations.”
While Dooley said Australians are even beginning to feel a little blasé about data breaches, incidents like the recent cyberattack against ports operator DP World and the national Optus network outage showed the potential chaos that ensues when infrastructure is impacted.
“There’s been a rise in these disruptive attacks,” Dooley said. “But also, in terms of the ability to extract financial benefit, if you shut down a system like that, it really brings the urgency for it forward, and there’s a greater chance you’re going to be able to extract that ransom.”
Mid-market companies will likely be targets of interest for threat actors in 2024. A lack of in-house cyber security resources and competencies will combine to make them softer targets than some of Australia’s larger, better-protected organisations and sectors, said Dooley.
“In the mid-market, it’s often not economically feasible to have more than probably two or three people in your cyber team,” Dooley said. “So in terms of your ability to defend yourself versus a bank, it’s just a bit tougher. Criminals are out to exploit the weakest points.”
The Federal Government is focusing on smaller businesses as part of its cyber strategy. This includes a AUD $7.2 million (USD $4.9 million) voluntary cyber health check program and AUD $11 million (USD $7.4 million) for one-on-one assistance for businesses during cyber challenges, including attack recovery.
Dooley said the mid-market is where businesses could extend a security operations centre methodology; organisations with small cyber teams could team up with a global partner with access to the tech, people and skill set to run a security program around the clock.
SEE: Logicalis turns to talent as a service to fill IT talent gaps in Australia.
“It’s foolhardy to think a mid-market business will have the resources or time or appetite to become a cyber security powerhouse,” Dooley said. “They really need to have partnerships in place.”
Enterprises will seek to further consolidate the number of security vendors they use. Dooley said tool proliferation has often had detrimental effects on efficiency, as organisations deal with problems like the “noise” of more alerts or gaps due to configuration challenges.
“I don’t think the market will ever be in a position where an organisation can rely on a single security vendor, but there will be a shift from ‘best-of-breed’ to ‘best-of-suite,’ where they will work with two, three or four suites within an enterprise organisation,” Dooley said.
As such, consolidation of security vendors has been a global trend. In 2022, Gartner found that 75% of organisations wanted to decrease the number of vendors they use to reduce complexity, leverage commonalities, reduce admin overhead and provide more effective security.
Stay up to date on the latest in technology with Daily Tech Insider Australian Edition. We bring you news on industry-leading companies, products, and people, as well as highlighted articles, downloads, and top resources. You’ll receive primers on hot tech topics that are most relevant to AU markets that will help you stay ahead of the game. Delivered Thursdays
Stay up to date on the latest in technology with Daily Tech Insider Australian Edition. We bring you news on industry-leading companies, products, and people, as well as highlighted articles, downloads, and top resources. You’ll receive primers on hot tech topics that are most relevant to AU markets that will help you stay ahead of the game. Delivered Thursdays
Cyber Security Trends to Watch in Australia in 2024
Your email has been sent
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
This is a comprehensive list of the best AI art generators. Explore the advanced technology that transforms imagination into stunning artworks.
Find the perfect payroll service for your business without breaking the bank. Discover the top cheap payroll services, features, pricing and pros and cons.
Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more.
Free project management software provides flexibility for managing projects without paying a cent. Check out our list of the top free project management tools.
Australian and New Zealand enterprises in the public cloud are facing pressure to optimize cloud strategies due to a growth in usage and expected future demand, including for artificial intelligence use cases.
A successful chief digital officer drives their organization’s digital transformation and creates value while rationalizing business processes and the customer experience. This hiring kit from TechRepublic Premium provides a workable framework you can use to find the best CDO for your organization. From the hiring kit: EDUCATION AND EXPERIENCE Candidates must have a degree in …
With the increasing reliance on complex and global supply chains, more companies are exposed to a wide range of risks, including theft, counterfeiting, cyberattacks, natural disasters, geopolitical conflicts and regulatory changes. These hazards can disrupt operations, compromise the quality and safety of products and erode customer trust. So, to remain competitive and resilient, it is …
Cyber scams pose a significant threat to organizations of all sizes, regardless of their industry or geographic location. This article from TechRepublic Premium digs into the nature of these scams while also highlighting the measures organizations can take to shield their employees from becoming victims. From the download: ESTABLISH STRONG PASSWORD POLICIES AND LEAST PRIVILEGED …
Virtual reality and augmented reality are concepts which have attracted plenty of interest in both consumer and business operations. Both have shown incredible potential and versatility across a wide range of applications. The purpose of this policy from TechRepublic Premium is to provide guidelines for the appropriate business usage of VR and AR. It includes …
Get the web’s best business technology news, tutorials, reviews, trends, and analysis—in your inbox. Let’s start with the basics.
* – indicates required fields
Lost your password? Request a new password
Please enter your email adress. You will receive an email message with instructions on how to reset your password.
Check your email for a password reset link. If you didn’t receive an email don’t forgot to check your spam folder, otherwise contact support.
This will help us provide you with customized content.
Thanks for signing up! Keep an eye out for a confirmation email from our team. To ensure any newsletters you subscribed to hit your inbox, make sure to add newsletters@nl.technologyadvice.com to your contacts list.

source

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE