Security Leader: Clinton Shiels, Brennan IT

Clinton is the Senior Solutions Architect at Brennan IT

Credit: Clinton Shiels, Brennan IT

What do you see as the biggest security threats that we currently face?

Since Australia’s NDB (Notifiable Data Breaches) laws came into force in late February 2018, it’s clear the rising threat of data breaches has significantly affected organisations across all sectors.

Just under 1,000 ‘eligible’ data breaches were reported in NDB scheme’s first 12 months, a 712 percent increase compared with the final year of the voluntary scheme. These are substantial figures and are expected to rise.

Areas such as human error and malicious attacks exploiting companies through phishing campaigns continue to be the biggest security threats we regularly see. With the mass-adoption of Microsoft Exchange Online we have also seen an increase in credential-based attacks through targeted attacks via embedded hyperlinks in attachments.

What is the hardest thing about defending against data breaches?

Data breaches are by no means simple to defend against. Often, data breaches affecting larger numbers of individuals include a number of multi‐party breaches, which involve the compromise of a supplier to a number of entities. 

User education and adoption of good security practices are always the most challenging and, typically, the most impactful with around 30 percent of notifiable breaches still caused through human error. Educating staff to spot attackers is an ongoing challenge to keep users engaged and needs to be embedded in People and Culture processes and general good security practices.

What technologies do you think will most transform security in coming year?

A multilayered and constant mindfulness on security is required, it can’t be a set and forget style investment.

In general, for most of our clients, we are moving towards Microsoft Office 365 hardening as standard and MFA now as out-of-the box Microsoft Secure score is very low and requires configuration to ensure clients are at a reasonable security baseline.

Over the coming year we see a strong need to introduce CASB for cloud-based security and EDR and AI/machine learning-based technologies that actively track and correlate threats into more of our clients to maintain a strong security posture. We see these modern technologies becoming mandatory in business, much like antivirus and firewalls were in the past.

Having an understanding of where the threat is and where it has come from is critical to provide the ability to isolate or shutdown the network connection of an infected device before it spreads.

Additionally, multi-factor authentication is becoming mandatory in conjunction to a good security awareness policy and user education.

How do you engage with executives to build up support for engaging external security services?

For many IT managers, maintaining day-to-day operations takes up a lot of their time which leaves little bandwidth for essentials in security such as training and planning.

A Brennan IT study we undertook found that most of the mid-sized organisations surveyed are well aware of the cybersecurity and data privacy challenges facing them however may not know where to go to mitigate the risks associated.

As a Managed Service Provider (MSP), we work closely with our clients to take a holistic view into security to ensure that there aren’t any security gaps across complex technology stacks. We look to work through the business risks and impacts with our clients and outline a roadmap of improvements to remove or mitigate these risks.

Why it is important to use a Managed Service Provider within the security posture of an organisation?

Managed service providers can help organisations establish security footing, develop the right policies to deploy the correct technologies (ensuring optimal security), and then assist them to maintain and improve it over the long-term. We work closely with our technology partners and have a broad understanding of our clients needs which gives us the ability to regularly see similar issues and become subject matter experts. We also have the economy of scale so have hundreds of technical staff that specialise in different areas which most of our clients don’t have the luxury of having in-house.

Cybersecurity is often misunderstood to be solely about technology. In contrast, cybersecurity is largely about the talent driving and controlling the security posture of an organisation. It’s here where many Australian organisations are struggling. More than a third of respondents (37 percent) to a Brennan IT survey advised they don’t conduct security training and 41 percent said it’s something they tend to less than once a year.

As an MSP, we work with our clients to provide security policies and programs that are in place, evolving as and where necessary, monitor employees and their approach to security, and will step in where required to correct and train staff.

While these are the core security functions of an MSP, as a technology partner we will remain proactive around client security requirements and provide advice when new threats or risks arise.

Why is responsibility and accountability crucial within security?

Security is really risk mitigation, which I see as one of the most important functions of any organisation. In order for security to properly be prioritised, it must be encapsulated within a proper ‘governance’ framework. This relates to accurately identifying and allocating responsibility and accountability at key points in the chain.

Those responsible need to meet regularly to provide updates, as well as discuss and allocate budget and other resources to stay ahead of the threat trend curve. We take a holistic approach to security to ensure threats are swiftly identified and resolved, and we are accountable for our services to our clients through our SLA’s and as a trusted partner.

 How has the availability of skills affected organisations’ ability to implement security measures?

The shortage of skills across all areas of ICT pose a real threat to local organisations as technology continually plays a major role in driving innovation and productivity improvements.

The skills gap is a clear indicator where organisations simply don’t have the available funds to internally hire a security team to properly maintain security measures or may not require a full-time resource. As a result, organisations are increasingly turning to MSP’s to outsource security needs to leverage specialist professionals. In doing so, organisations will benefit from newfound valuable time and resources to focus on doing what they do best.

What security threats do you see as most problematic over the next year?

While data breaches will continue to be a major security threat, ransomware and phishing attacks are also becoming more problematic for organisations – prompting the need for heightened security postures.

It’s crucial for organisations to implement more than just firewalls and email security solutions, leverage multifactor authentication, EDR solutions, protect your valuable information held on multi-cloud environments, and drive user security awareness.

To reduce these risks to organisations, it’s strongly advised to partner with an MSP and get advice on the threat landscape and suitable solutions.

Show Comments