The reality is that most businesses, particularly small-to-medium enterprises, lack the resources to implement and maintain the extensive security controls they need to safeguard their systems, customer data and ultimately, their reputation.
Recognising the unique role it can play in cyber security, Telstra CEO Andy Penn recently launched two new Security Operations Centres to provide 24/7 monitoring, detection and cyber security assistance for enterprise customers.
Situated in the hearts of Melbourne and Sydney, these two operations centres are modelled on Australia’s highest security standard, ASIO-T4, to support Telstra’s vision of building a cyber secure Australia.
“Cyber security is a team sport requiring the collaboration of government, regulators and businesses to be successful. We all need to work together to find solutions that will help businesses and individuals better protect themselves from growing cyber security threats,” Mr Penn said at the launch.
“Our cyber security strategy aims to lift the country’s cyber security baseline through the establishment of secure connections, network-level controls and awareness campaigns for the business community as well as consumers.”
The new centres represent a holistic approach to security, combining state-of-the art active and passive cyber-security measures with electronic security that meets Australia’s most stringent standards. The centres combine conventional cyber-threat monitoring – finding threats that have already been identified – with proactive identification of previously unseen threats, powered by data analytics and machine learning.
To protect against the broadest swathe of threats, client-side electronic security, such as cross-referencing user profiles and electronic logins with the user’s physical location, can provide businesses with the confidence that integrated monitoring and security solutions will help keep their premises and assets secure.
Virtual systems, real talent
As cyber threats diversify, it has become increasingly difficult for individual organisations to maintain the highly specialised skillsets required to deal with the variety of attacks they face. Traditionally, managed security services have been able to attract that dedicated talent; however, the specificity involved in modern cyber security is making it difficult for even dedicated firms to retain top talent.
Powered by Microsoft Azure and completely virtualised, Telstra’s twin security centres in Melbourne and Sydney are dramatically expanding the expertise on offer for any given problem. Equipped with collaborative war rooms, room-scale laser microphones and a battery of webcams, the Melbourne and Sydney teams can seamlessly collaborate from anywhere within the two SOCs.
As a fully virtualised security system, each of the centres can be deactivated temporarily without any interruption to service as the other location picks up the slack – providing its operators with the flexibility to address any challenge that emerges.
To be truly effective, a managed security service needs to collaborate closely with an organisation’s own security teams and infrastructure. And to promote interoperability, Telstra’s new operations centres are built on a constellation of open-source security platforms, with Apache Metron’s big-data security analytics at its core.
The most robust security solutions involve constant collaboration, with shared databases and open discussions to ensure data is properly contextualised, to assist Australian businesses to gain visibility of their security posture.
“In the wake of recent ransomware attacks, we know that no organisation can do this alone. Our role now is to help turn this intent into action by providing our customers with the products and services that will deliver a more secure operating environment for all Australians,” Mr Penn said.
Any effective cyber-security strategy needs to be holistic, one that puts into place passive and active preventive measures against the wide variety of threats modern enterprises face – from the raw power of a botnet-powered distributed denial of service (DDoS) attack, to the constant vigilance and workforce education required to prevent phishing and malware from compromising vital systems and customer data.
“People are the most common cause for security incidents, often unknowingly. There is a strong need for ongoing education and development of the workforce through learning and development programs embedded into business training,” Mr Penn said.
By providing advanced 24/7 monitoring capabilities and specialist expertise, managed security services form a cornerstone of effective modern cyber security.