
EDITOR'S DESK - ACSM, ISSUE 13, 2022

We signed a Joint Workplan with @CyberGovAU, formalizing a strategy to enhance robust and effective collaboration to combat the common cybersecurity threats facing Australia and the United States. @CISAgov

@CISAgov - Cybersecurity and Infrastructure Security Agency, July 14, 2022

The day prior to Australia and the United States formalising yet another strategy to enhance collaboration to combat the common cybersecurity threats, Victoria’s Deakin University was the subject of a cyberattack. Hackers used a staff member’s username and password to access student contact information held by an unnamed third-party provider and mass spam almost 10,000 students over a weekend via SMS. The SMS purported to be from a courier company and asked the recipients to click on a link to pay customs fees. In addition to the mass spamming incident, Deakin confirmed the contact details of 46,980 current and past Deakin students were also downloaded.

The concerning irony is that, at the time key nation-state allies in the US and Australia are signing joint cybersecurity strategies, the target is an Australian university that delivers cybersecurity degrees and employs office appointed leaders in the cybersecurity sector, including the Chair of the Australian Information Security Association. The successful attack also comes on the back of the release of an Office of the Victorian Information Commissioner (OVIC) report on the security of personal information held by Victoria’s universities.

The OVIC report found that Victoria’s universities had common cybersecurity vulnerabilities, including inadequately managing risks to personal information and not having written guidance about sharing personal information with third parties. This attack therefore reflects poorly on all concerned.

To underscore the challenge, findings in The State of Industrial Security 2022, which surveyed 800 senior managers globally, including 100 in Australia, responsible for industrial internet of things (IIoT)/operational technology (OT) in their organisation, indicated critical infrastructure is under attack. Despite agreement that IIoT and OT security is critical, businesses continue to face significant challenges as the geopolitical landscape becomes increasingly tense. The Australian cohort indicated that attacks are widespread, with 90 acknowledging they experienced a security incident in the previous 12 months and 84 experiencing an incident whose impact lasted more than one day.

These types of findings are now very relevant, as this month also saw the 8 July end of a 3 month grace period for mandatory cybersecurity incident reporting in accordance with the Security of Critical Infrastructure Act. The next obligation comes into effect on 8 October, when CI owners and operators will need to register their Critical Infrastructure Assets. New guidance for cybersecurity incident reporting is available at www.cisc.gov.au.

The Australian Computer Society’s Digital Pulse 2022 report released this month confirms the country’s tech job numbers continue to boom, with over 1.2 million people expected to be working in the sector by 2027, with an average annual growth rate of 5.5%. The report highlights technology jobs are paying better than equivalent industries and proposes ways the nation can address the chronic IT worker shortage, including boosting the sector’s diversity and building the skills pipeline. The report found the nation’s tech workforce grew by 8% over the previous year, with over 870,000 Australians now working in IT roles. By comparison, the workforce as a whole only grew 3.4%.

In this issue Neha Dhyani, a Senior Security Consultant at Nokia Solutions & Networks, writes an important article on effective threat hunting that allows the security analyst to think like a threat actor, and then use that understanding to determine what clues to look for that might indicate an attack is underway. Jason Duerden welcomes the appointment of Clare O’Neil as Federal Minister for Cyber Security. This is the first time Australia has ever had a dedicated minister for cybersecurity and highlights a trend of cybersecurity measures taken by the Australian government dating back to the beginning of this decade. And Matt Hubbard has picked out three ICS incidents to show how industries have learned to deal with ICS cyber attacks over the decades and what we still need to keep in mind when securing ICS devices, data, and systems.

In our cover feature, we look at the demands on the CISO. The world of cybersecurity is akin to a giant iceberg – vast, complex, ever-changing and multi-faceted. Of its various facets, one in particular has the power to keep enterprise security professionals awake at night, and that’s the critical intersection that straddles the networking world and the cybersecurity world. This nexus is not only a major pressure point for the hard-pressed CISO, but also the object of much effort and investment in the security vendor community. We look at the market forces and trends that the CISO must navigate in a new and ever-challenging hybrid world.

Stay tuned with us and the community via the regular Cyber Risk Meetups, Security Consultant Insight Series and a host of event partners across Australia and the Asia Pacific. We otherwise continue to take a deep dive into the cybersecurity domain and corporate risk management, and throughout we have links through to our Tech & Sec Weekly Series and the latest Cyber Security Weekly podcasts.

On that note, as always, there is so much more to touch on and we trust you will enjoy this edition of Australian Cyber Security Magazine. Enjoy the reading, listening and viewing!

Chris Cubbage CPP, CISA, GAICD Executive Editor