Security News > 2023 > October > Leading CISO Wants More Security Proactivity in Australian Businesses to Avoid Attack ‘Surprises’

The complexity and change experienced by organisations as they grow is one reason we are seeing similar cyber security risks to a decade ago, says Rapid7's CISO Jaya Baloo.

Speaking on ethics in information security at the 2023 Australian Cyber Conference, Baloo said the Australian market has truly woken up to cyber risks in the last year due to a number of high-profile data breaches that have affected millions of Australians.

Baloo told TechRepublic proactive mapping of assets and vulnerabilities, consistency through times of organisational growth and planning ahead for risks like quantum computing could help Australian security pros step off what can feel like a "Hamster wheel."

Despite talking to organisations about similar risks for a decade, Baloo said that many were "Still surprised" when a lack of understanding of the assets they had and the vulnerabilities that were on those assets led to them being the victim of a cyber security incident.

Baloo said attack surface management automations in the form of third-party risk scores were also not always correct in estimating what belonged to a company.

If Australian organisations want to be able to protect healthcare data for the lifetime of a patient, or even intergenerationally, Baloo said quantum computing now means "We don't know how to do that."

News URL

https://www.techrepublic.com/article/rapid7-interview-cybersecurity-issues-australia/