Security News > 2023 > October > Leading CISO Wants More Security Proactivity in Australian Businesses to Avoid Attack ‘Surprises’
The complexity and change experienced by organisations as they grow is one reason we are seeing similar cyber security risks to a decade ago, says Rapid7's CISO Jaya Baloo.
Speaking on ethics in information security at the 2023 Australian Cyber Conference, Baloo said the Australian market has truly woken up to cyber risks in the last year due to a number of high-profile data breaches that have affected millions of Australians.
Baloo told TechRepublic proactive mapping of assets and vulnerabilities, consistency through times of organisational growth and planning ahead for risks like quantum computing could help Australian security pros step off what can feel like a "Hamster wheel."
Despite talking to organisations about similar risks for a decade, Baloo said that many were "Still surprised" when a lack of understanding of the assets they had and the vulnerabilities that were on those assets led to them being the victim of a cyber security incident.
Baloo said attack surface management automations in the form of third-party risk scores were also not always correct in estimating what belonged to a company.
If Australian organisations want to be able to protect healthcare data for the lifetime of a patient, or even intergenerationally, Baloo said quantum computing now means "We don't know how to do that."
News URL
https://www.techrepublic.com/article/rapid7-interview-cybersecurity-issues-australia/
Related news
- CISOs don’t invest enough in code security (source)
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)
- GitHub CISO on security strategy and collaborating with the open-source community (source)
- Australian Government Agencies Failing to Keep Up With Cyber Security Change (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Balancing usability and security in the fight against identity-based attacks (source)
- CISOs are juggling security, responsibility, and burnout (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- Zscaler CISO on balancing security and user convenience in hybrid work environments (source)