Intelligent CISO Issue 47 | Page 74


Murray Mills, Manager – Cyber Security at Tecala, tells us how companies can identify cybersecurity gaps that may require external assistance or additional resourcing.

With 2022 now underway, it’s worth reflecting on the year that was, exploring what we’ve learned and what can be applied to your strategic planning for the next 12 months.

Last year at Tecala, we drew inspiration from a theme focusing on emerging stronger from what 2020 and the first part of 2021 threw at all of us.
Most organisations spent the year digitally transforming and adopting cloud-based systems to enable work-from-anywhere scenarios. Words like productivity and continuity permeated all technology and business conversations.
But so did security. With workforces distributed and working in new hybrid models, using technology systems they may have been unfamiliar with, an effective security solution for this environment was critical.
Organisations recognised this, but so did attackers. One survey found 73% of Australian organisations fell victim to cyberattacks targeting remote workers in the past year, suggesting far more work is needed to layer additional protections, build resiliency and raise internal security awareness. Ultimately, as Gartner notes, long-term work-from-home ‘requires a total reboot of policies and security tools suitable for the modern remote workspace’.
Tecala is already undertaking these kinds of reviews. We use them as the basis for crafting security strategic roadmaps that tailor a security journey to an organisation’s specific needs over forward years. The roadmap takes organisations from where they are now to where they want to be; is aligned to key threat mitigation frameworks such as the Essential Eight or the CIS Controls; and is designed to help organisations address the substantial challenges and security headwinds they are now facing.
While every review and roadmap is different, just as every organisation’s needs are different, we have identified some common trends among the organisations we work with from a security perspective.
In the interest of openness and intelligence sharing, we’ve decided to list the top five here as they may be useful in reflecting on your own journeys to date and identifying gaps that may require external assistance or additional resourcing to close in the year ahead.
Murray Mills, Manager – Cyber Security at Tecala
Security standards will actually become standard
Organisations presently have a range of standard frameworks to choose from and benchmark cybersecurity readiness. These include domestic frameworks like the Essential Eight, as well as overseas ones such as the Centre for Internet Controls (CIS) 18 and the National Institute of Standards and Technology – NIST – framework.
There’s considerable repetition and overlap between the different frameworks, such that meeting the requirements of one would likely place an organisation well on the path to complying with the others as well. Whatever framework an organisation chooses, it is likely to serve them well. However, within the small-to-medium enterprise market, the Essential Eight